Strix
26.1K

CVE-2017-8199

UnknownEPSS 1.12%

Last modified

CVE-2017-8199 is a vulnerability of currently unknown severity. MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. EPSS estimates a 1.12% chance of exploitation in the next 30 days.

Description

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot.

Metrics

EPSS Probability
1.12%

62.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
HuaweiMax Presence Firmwarev100r001c00
HuaweiTp3106 Firmwarev100r002c00
HuaweiTp3206 Firmwarev100r002c00

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-8199?
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot.
How severe is CVE-2017-8199?
Severity scoring for CVE-2017-8199 is pending analysis. The EPSS model estimates a 1.12% probability of exploitation in the next 30 days.
How do I fix CVE-2017-8199?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-8199?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST