VIR Vulnerability Intelligence Relay

CVE-2014-4190

high
Published 2014-06-17 · Modified 2026-05-06
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343218.htm

Application impact
VendorProductVersionsFixed
huaweicampus_series_switch_softwarev200r001
huaweicampus_series_switch_softwarev200r005
huaweicampus_series_switch_softwarev200r003
huaweicampus_series_switch_softwarev200r002

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.