Huawei’s weak algorithm vulnerabilities may lead to information leakage
On Tuesday, Huawei stated in a security bulletin numbered “huawei-sa-20180703-01-algorithm” that some Huawei products have a weak encryption algorithm vulnerability, and successful use may lead to information leakage.
According to the description of the notification, this vulnerability was discovered at the end of last year. The vulnerability number is HWPSIRT-2017-12135 and has obtained the CVE vulnerability number – CVE-2017-17174. The CVSSv3 score of 5.3 is a medium-risk vulnerability, which is not easy to achieve due to its successful use.
Huawei explained that to exploit this vulnerability, remote unauthenticated attackers must capture TLS traffic between the client and the affected product. An attacker could initiate a Bleichenbacher attack on the RSA key exchange to decrypt the session key and previously captured session through some cryptanalysis operations. Of course, the successful use will lead to the disclosure of the information mentioned above.
As can be seen from the above explanation, those affected by this vulnerability are those that use RSA as the key exchange algorithm in the TLS cypher mode. The specific list of affected products and versions provided by Huawei is as follows:
- Full HD video conference recording server RSE6500, version V500R002C00
- IP voice integrated switch SoftCo, version V200R003C20SPCb00
- Fully adapted videoconference multipoint control unit VP9660, version V600R006C10
- eSpaceU1981 unified gateway, version V100R001C20, V200R003C20, V200R003C30, and V200R003C50
For the RSE6500, the vulnerability fixed in the version V500R002C00SPCb00. For SoftCo users, you can upgrade to the version V200R003C50SPC300 to solve the potential security risks. The vulnerability in the VP9660 fixed in the V600R006C10SPC300. For eSpaceU1981, you need to upgrade to the version. V200R003C50SPC300.