Sign-up

ID

VAR-201412-0643


TITLE

Huawei WS318 Prediction Random Number Generator Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2014-09225

DESCRIPTION

The Huawei WS318 is a wireless router product from China's Huawei. A predictable random number generation vulnerability exists in Huawei WS318. A remote attacker can use this vulnerability to crack the PIN and gain access to the device by implementing a brute-force attack. This may aid in further attacks

Trust: 1.35

sources: CNVD: CNVD-2014-09225 // CNNVD: CNNVD-201412-523 // BID: 71787

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-09225

AFFECTED PRODUCTS

vendor:huaweimodel:ws318scope: - version: -

Trust: 0.6

vendor:huaweimodel:ws318 v100r001c01b022scope: - version: -

Trust: 0.3

vendor:huaweimodel:ws318 v100r001c01b023scope:neversion: -

Trust: 0.3

sources: CNVD: CNVD-2014-09225 // BID: 71787

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2014-09225
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2014-09225
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2014-09225

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201412-523

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201412-523

PATCH

title:Huawei WS318 Patch for Forecasting Random Number Generator Vulnerabilitiesurl:https://www.cnvd.org.cn/patchinfo/show/53399

Trust: 0.6

sources: CNVD: CNVD-2014-09225

EXTERNAL IDS

db:BIDid:71787

Trust: 1.5

db:CNVDid:CNVD-2014-09225

Trust: 0.6

db:CNNVDid:CNNVD-201412-523

Trust: 0.6

sources: CNVD: CNVD-2014-09225 // BID: 71787 // CNNVD: CNNVD-201412-523

REFERENCES

url:http://www.securityfocus.com/bid/71787

Trust: 1.2

url:http://www.huawei.com/

Trust: 0.3

url:http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-408091.htm

Trust: 0.3

sources: CNVD: CNVD-2014-09225 // BID: 71787 // CNNVD: CNNVD-201412-523

CREDITS

Dominique Bongard

Trust: 0.9

sources: BID: 71787 // CNNVD: CNNVD-201412-523

SOURCES

db:CNVDid:CNVD-2014-09225
db:BIDid:71787
db:CNNVDid:CNNVD-201412-523

LAST UPDATE DATE

2022-05-17T01:52:40.665000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2014-09225date:2014-12-30T00:00:00
db:BIDid:71787date:2014-12-24T00:00:00
db:CNNVDid:CNNVD-201412-523date:2014-12-29T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2014-09225date:2014-12-30T00:00:00
db:BIDid:71787date:2014-12-24T00:00:00
db:CNNVDid:CNNVD-201412-523date:2014-12-29T00:00:00