CVE-2019-5293

Name: CVE-2019-5293
Creator: NVD / NIST
Published: 2019-11-13T17:15:14.07+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.5/10EPSS 0.76%

Last modified Jun 17, 2026

CVE-2019-5293 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. EPSS estimates a 0.76% chance of exploitation in the next 30 days.

Description

Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal.

Metrics

CVSS 3.1

6.5/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.76%

50.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-401

Affected Software

Vendor	Product	Versions
Huawei	Ar120-S Firmware	v200r005c20
Huawei	Ar120-S Firmware	v200r006c10
Huawei	Ar1200 Firmware	v200r005c20
Huawei	Ar1200 Firmware	v200r006c10
Huawei	Ar1200-S Firmware	v200r005c20
Huawei	Ar1200-S Firmware	v200r006c10
Huawei	Ar150 Firmware	v200r005c20
Huawei	Ar150 Firmware	v200r006c10
Huawei	Ar150-S Firmware	v200r005c20
Huawei	Ar150-S Firmware	v200r006c10
Huawei	Ar160 Firmware	v200r005c20
Huawei	Ar160 Firmware	v200r006c10
Huawei	Ar200 Firmware	v200r005c20
Huawei	Ar200 Firmware	v200r006c10
Huawei	Ar200-S Firmware	v200r005c20
Huawei	Ar200-S Firmware	v200r006c10
Huawei	Ar2200 Firmware	v200r005c20
Huawei	Ar2200 Firmware	v200r006c10
Huawei	Ar2200-S Firmware	v200r005c20
Huawei	Ar2200-S Firmware	v200r006c10
Huawei	Ar3200 Firmware	v200r005c20
Huawei	Ar3200 Firmware	v200r006c10
Huawei	Ar3600 Firmware	v200r006c10
Huawei	Netengine16ex Firmware	v200r005c20
Huawei	Netengine16ex Firmware	v200r006c10
Huawei	Srg1300 Firmware	v200r005c20
Huawei	Srg1300 Firmware	v200r006c10
Huawei	Srg2300 Firmware	v200r005c20
Huawei	Srg2300 Firmware	v200r006c10
Huawei	Srg3300 Firmware	v200r005c20
Huawei	Srg3300 Firmware	v200r006c10

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-memory-enVendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-memory-enVendor Advisory

Timeline

Published: Nov 13, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-5293?

How severe is CVE-2019-5293?

CVE-2019-5293 has a CVSS score of 6.5/10 (MEDIUM severity). The EPSS model estimates a 0.76% probability of exploitation in the next 30 days.

How do I fix CVE-2019-5293?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-5293?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST