This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy

Security Advisory - Two Vulnerabilities in Huawei TE Series Product

  • SA No:Huawei-SA-20151125-01-TE
  • Initial Release Date: Nov 25, 2015
  • Last Release Date: Jan 06, 2016

Huawei TE series is a multimedia video conferencing endpoint that transfers audio, video, and desktop resources based on IP networks. It offers point-to-point and multiparty conferences for attendees at different places to enjoy face-to-face audio/video communication experience.

 

A security vulnerability exists in the presentatibon sending/receiving permission management mechanism of Huawei TE product. An attacker can access the TE through Wi-Fi to trigger abnormal processing of wireless presentation in specific scenarios. As a result, the sending of wired presentation in use stops, affecting normal services. (Vulnerability ID: HWPSIRT-2015-08043)

This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-8672.

 

The Debug account on Huawei TE product has an old password check vulnerability. If a user logs in to a PC using the Debug account and leaves the PC, an attacker changes the password of the Debug account without entering the old password and obtains the permissions of the Debug account. (Vulnerability ID: HWPSIRT-2015-10002)

This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-8673.

 

 Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462952.htm

Product Name

Affected Version

Resolved Product and Version

TE30/40/50/60

TE60[1] V100R001C10B022

TE60 V100R001C10SPC100

 

[1] The TE60 software supports multiple hardware platforms which come in four models: TE30, TE40, TE50, and TE60.


HWPSIRT-2015-08043

Successful exploitation of this vulnerability may abnormally stop the sending of wired presentation, affecting normal services.

HWPSIRT-2015-10002

Successful exploitation of this vulnerability enables an attacker to change the password and obtain the permissions of the Debug account.


The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).

HWPSIRT-2015-08043

Base Score: 3.3 (AC:A/AC:L/Au:N/C:N/I:N/A:P)

Temporal Score: 2.7 (E:F/RL:O/RC:C)

HWPSIRT-2015-10002

Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Temporal Score: 5.7 (E:F/RL:O/RC:C)


HWPSIRT-2015-08043

Prerequisite:

  1. The attacker can access the TE through Wi-Fi;

Attacking procedure:

An attacker can access the product through Wi-Fi to trigger abnormal processing of wireless presentation in specific scenarios. The TE product does not implement effective permission control over the sending and receiving of presentation. As a result, the sending of wired presentation in use stops, affecting normal services.

HWPSIRT-2015-10002

Prerequisite:

  1. A user logs in to the PC successfully using the Debug account;.
  2. The attacker can approach and perform operations on the PC;

Attacking procedure:

A user logs in to a PC using the Debug account and leaves the PC. The TE product does not verify the old password of the Debug account during password change operations. Therefore, an attacker can change the password of the Debug account without entering the old password and obtain the permissions of the Debug account. 


Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm.


This vulnerability is reported by Huawei internal tester. Huawei PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.

For security problems about Huawei products and solutions, please contactPSIRT@huawei.com.

For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance.


2016-01-06 V1.1 UPDATED Assigned a CVE ID to the vulnerability

2015-11-25 V1.0 INITIAL


This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.


Complete information for providing feedback on security vulnerability of Huawei products, getting support for Huawei security incident response services, and obtaining Huawei security vulnerability information, is available on Huawei's worldwide website at http://www.huawei.com/en/security/psirt/.