6.7

CVE-2019-5300

There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.

Data is provided by the National Vulnerability Database (NVD)
HuaweiAr1200 Firmware Versionv200r007c00
   HuaweiAr1200e Version-
   HuaweiAr1220c Version-
   HuaweiAr1220ev Version-
   HuaweiAr1220evw Version-
HuaweiAr1200 Firmware Versionv200r008c20
   HuaweiAr1200e Version-
   HuaweiAr1220c Version-
   HuaweiAr1220ev Version-
   HuaweiAr1220evw Version-
HuaweiAr1200 Firmware Versionv200r008c50
   HuaweiAr1200e Version-
   HuaweiAr1220c Version-
   HuaweiAr1220ev Version-
   HuaweiAr1220evw Version-
HuaweiAr1200 Firmware Versionv200r009c00
   HuaweiAr1200e Version-
   HuaweiAr1220c Version-
   HuaweiAr1220ev Version-
   HuaweiAr1220evw Version-
HuaweiAr1200 Firmware Versionv200r010c00
   HuaweiAr1200e Version-
   HuaweiAr1220c Version-
   HuaweiAr1220ev Version-
   HuaweiAr1220evw Version-
HuaweiAr1200-s Firmware Versionv200r007c00
   HuaweiAr1220f-s Version-
HuaweiAr1200-s Firmware Versionv200r008c20
   HuaweiAr1220f-s Version-
HuaweiAr1200-s Firmware Versionv200r008c50
   HuaweiAr1220f-s Version-
HuaweiAr1200-s Firmware Versionv200r009c00
   HuaweiAr1220f-s Version-
HuaweiAr1200-s Firmware Versionv200r010c00
   HuaweiAr1220f-s Version-
HuaweiAr150 Firmware Versionv200r007c00
   HuaweiAr158evw Version-
HuaweiAr150 Firmware Versionv200r008c20
   HuaweiAr158evw Version-
HuaweiAr150 Firmware Versionv200r008c50
   HuaweiAr158evw Version-
HuaweiAr150 Firmware Versionv200r009c00
   HuaweiAr158evw Version-
HuaweiAr150 Firmware Versionv200r010c00
   HuaweiAr158evw Version-
HuaweiAr160 Firmware Versionv200r007c00
   HuaweiAr161 Version-
   HuaweiAr161ew Version-
   HuaweiAr161f Version-
   HuaweiAr161f-dgp Version-
   HuaweiAr161fg-l Version-
   HuaweiAr161fgw-l Version-
   HuaweiAr161fv-1p Version-
   HuaweiAr161fw Version-
   HuaweiAr161g-l Version-
   HuaweiAr161w Version-
   HuaweiAr168f Version-
   HuaweiAr168f-4p Version-
   HuaweiAr169 Version-
   HuaweiAr169egw-l Version-
   HuaweiAr169ew Version-
   HuaweiAr169f Version-
   HuaweiAr169fgw-l Version-
   HuaweiAr169fvw Version-
   HuaweiAr169fvw-8s Version-
   HuaweiAr169g-l Version-
   HuaweiAr169jfvw-2s Version-
   HuaweiAr169w Version-
HuaweiAr160 Firmware Versionv200r008c20
   HuaweiAr161 Version-
   HuaweiAr161ew Version-
   HuaweiAr161f Version-
   HuaweiAr161f-dgp Version-
   HuaweiAr161fg-l Version-
   HuaweiAr161fgw-l Version-
   HuaweiAr161fv-1p Version-
   HuaweiAr161fw Version-
   HuaweiAr161g-l Version-
   HuaweiAr161w Version-
   HuaweiAr168f Version-
   HuaweiAr168f-4p Version-
   HuaweiAr169 Version-
   HuaweiAr169egw-l Version-
   HuaweiAr169ew Version-
   HuaweiAr169f Version-
   HuaweiAr169fgw-l Version-
   HuaweiAr169fvw Version-
   HuaweiAr169fvw-8s Version-
   HuaweiAr169g-l Version-
   HuaweiAr169jfvw-2s Version-
   HuaweiAr169w Version-
HuaweiAr160 Firmware Versionv200r008c50
   HuaweiAr161 Version-
   HuaweiAr161ew Version-
   HuaweiAr161f Version-
   HuaweiAr161f-dgp Version-
   HuaweiAr161fg-l Version-
   HuaweiAr161fgw-l Version-
   HuaweiAr161fv-1p Version-
   HuaweiAr161fw Version-
   HuaweiAr161g-l Version-
   HuaweiAr161w Version-
   HuaweiAr168f Version-
   HuaweiAr168f-4p Version-
   HuaweiAr169 Version-
   HuaweiAr169egw-l Version-
   HuaweiAr169ew Version-
   HuaweiAr169f Version-
   HuaweiAr169fgw-l Version-
   HuaweiAr169fvw Version-
   HuaweiAr169fvw-8s Version-
   HuaweiAr169g-l Version-
   HuaweiAr169jfvw-2s Version-
   HuaweiAr169w Version-
HuaweiAr160 Firmware Versionv200r009c00
   HuaweiAr161 Version-
   HuaweiAr161ew Version-
   HuaweiAr161f Version-
   HuaweiAr161f-dgp Version-
   HuaweiAr161fg-l Version-
   HuaweiAr161fgw-l Version-
   HuaweiAr161fv-1p Version-
   HuaweiAr161fw Version-
   HuaweiAr161g-l Version-
   HuaweiAr161w Version-
   HuaweiAr168f Version-
   HuaweiAr168f-4p Version-
   HuaweiAr169 Version-
   HuaweiAr169egw-l Version-
   HuaweiAr169ew Version-
   HuaweiAr169f Version-
   HuaweiAr169fgw-l Version-
   HuaweiAr169fvw Version-
   HuaweiAr169fvw-8s Version-
   HuaweiAr169g-l Version-
   HuaweiAr169jfvw-2s Version-
   HuaweiAr169w Version-
HuaweiAr160 Firmware Versionv200r010c00
   HuaweiAr161 Version-
   HuaweiAr161ew Version-
   HuaweiAr161f Version-
   HuaweiAr161f-dgp Version-
   HuaweiAr161fg-l Version-
   HuaweiAr161fgw-l Version-
   HuaweiAr161fv-1p Version-
   HuaweiAr161fw Version-
   HuaweiAr161g-l Version-
   HuaweiAr161w Version-
   HuaweiAr168f Version-
   HuaweiAr168f-4p Version-
   HuaweiAr169 Version-
   HuaweiAr169egw-l Version-
   HuaweiAr169ew Version-
   HuaweiAr169f Version-
   HuaweiAr169fgw-l Version-
   HuaweiAr169fvw Version-
   HuaweiAr169fvw-8s Version-
   HuaweiAr169g-l Version-
   HuaweiAr169jfvw-2s Version-
   HuaweiAr169w Version-
HuaweiAr200 Firmware Versionv200r007c00
   HuaweiAr201 Version-
HuaweiAr200 Firmware Versionv200r008c20
   HuaweiAr201 Version-
HuaweiAr200 Firmware Versionv200r008c50
   HuaweiAr201 Version-
HuaweiAr200 Firmware Versionv200r009c00
   HuaweiAr201 Version-
HuaweiAr200 Firmware Versionv200r010c00
   HuaweiAr201 Version-
HuaweiAr2200 Firmware Versionv200r007c00
   HuaweiAr2204-27ge Version-
   HuaweiAr2204-27ge-p Version-
   HuaweiAr2204-51ge-p Version-
   HuaweiAr2204e Version-
   HuaweiAr2204xe Version-
   HuaweiAr2220e Version-
   HuaweiAr2240 Version-
   HuaweiAr2240c Version-
HuaweiAr2200 Firmware Versionv200r008c20
   HuaweiAr2204-27ge Version-
   HuaweiAr2204-27ge-p Version-
   HuaweiAr2204-51ge-p Version-
   HuaweiAr2204e Version-
   HuaweiAr2204xe Version-
   HuaweiAr2220e Version-
   HuaweiAr2240 Version-
   HuaweiAr2240c Version-
HuaweiAr2200 Firmware Versionv200r008c50
   HuaweiAr2204-27ge Version-
   HuaweiAr2204-27ge-p Version-
   HuaweiAr2204-51ge-p Version-
   HuaweiAr2204e Version-
   HuaweiAr2204xe Version-
   HuaweiAr2220e Version-
   HuaweiAr2240 Version-
   HuaweiAr2240c Version-
HuaweiAr2200 Firmware Versionv200r009c00
   HuaweiAr2204-27ge Version-
   HuaweiAr2204-27ge-p Version-
   HuaweiAr2204-51ge-p Version-
   HuaweiAr2204e Version-
   HuaweiAr2204xe Version-
   HuaweiAr2220e Version-
   HuaweiAr2240 Version-
   HuaweiAr2240c Version-
HuaweiAr2200 Firmware Versionv200r010c00
   HuaweiAr2204-27ge Version-
   HuaweiAr2204-27ge-p Version-
   HuaweiAr2204-51ge-p Version-
   HuaweiAr2204e Version-
   HuaweiAr2204xe Version-
   HuaweiAr2220e Version-
   HuaweiAr2240 Version-
   HuaweiAr2240c Version-
HuaweiAr2200s Firmware Versionv200r007c00
   HuaweiAr2200s Version-
HuaweiAr2200s Firmware Versionv200r008c20
   HuaweiAr2200s Version-
HuaweiAr2200s Firmware Versionv200r008c50
   HuaweiAr2200s Version-
HuaweiAr2200s Firmware Versionv200r009c00
   HuaweiAr2200s Version-
HuaweiAr2200s Firmware Versionv200r010c00
   HuaweiAr2200s Version-
HuaweiAr3200 Firmware Versionv200r007c00
   HuaweiAr3260 Version-
HuaweiAr3200 Firmware Versionv200r008c20
   HuaweiAr3260 Version-
HuaweiAr3200 Firmware Versionv200r008c50
   HuaweiAr3260 Version-
HuaweiAr3200 Firmware Versionv200r009c00
   HuaweiAr3260 Version-
HuaweiAr3200 Firmware Versionv200r010c00
   HuaweiAr3260 Version-
HuaweiSrg1300 Firmware Versionv200r007c00
   HuaweiSrg1320vw Version-
HuaweiSrg1300 Firmware Versionv200r008c50
   HuaweiSrg1320vw Version-
HuaweiSrg1300 Firmware Versionv200r009c00
   HuaweiSrg1320vw Version-
HuaweiSrg1300 Firmware Versionv200r010c00
   HuaweiSrg1320vw Version-
HuaweiSrg2300 Firmware Versionv200r007c00
   HuaweiSrg2320e Version-
HuaweiSrg2300 Firmware Versionv200r008c50
   HuaweiSrg2320e Version-
HuaweiSrg2300 Firmware Versionv200r009c00
   HuaweiSrg2320e Version-
HuaweiSrg2300 Firmware Versionv200r010c00
   HuaweiSrg2320e Version-
HuaweiSrg3300 Firmware Versionv200r007c00
   HuaweiSrg3340 Version-
HuaweiSrg3300 Firmware Versionv200r008c50
   HuaweiSrg3340 Version-
HuaweiSrg3300 Firmware Versionv200r009c00
   HuaweiSrg3340 Version-
HuaweiSrg3300 Firmware Versionv200r010c00
   HuaweiSrg3340 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.01% 0.006
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.7 0.8 5.9
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
CWE-347 Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.