CVE-2019-5285
high-risk
Published 2019-06-04
Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)
Do I need to act?
-
0.14% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (20)
S2300 Firmware
S2300 Firmware
S2300 Firmware
S2300 Firmware
S2300 Firmware
S2300 Firmware
S2700 Firmware
S2700 Firmware
S2700 Firmware
S2700 Firmware
S2700 Firmware
S2700 Firmware
S2700 Firmware
S2700 Firmware
S5300 Firmware
S5300 Firmware
S5300 Firmware
S5300 Firmware
S5300 Firmware
S5300 Firmware
Affected Vendors
References (4)
57
/ 100
high-risk
Severity
26/34 · High
Exploitability
1/34 · Minimal
Exposure
30/34 · Critical