A vulnerability was found in Huawei Secospace USG6300, Secospace USG6500 and Secospace USD6600. It has been declared as problematic. This vulnerability affects unknown code of the component Command Handler. The manipulation leads to improper resource management. Using CWE to declare the problem leads to CWE-399. The bug was discovered 12/14/2016. The weakness was shared 04/02/2017 as sa-20161214-01 (Website). The advisory is available at huawei.com. This vulnerability was named CVE-2016-8781. The attack can be initiated remotely. There are no technical details available. There is no exploit available. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment. It is declared as not defined. The vulnerability was handled as a non-public zero-day exploit for at least 109 days. As 0-day the estimated underground price was around $5k-$25k. A possible mitigation has been published even before and not after the disclosure of the vulnerability. The vulnerability is also documented other vulnerability databases: SecurityFocus (BID 94927).
Might our Artificial Intelligence support you?
Check our Alexa App!