Huawei CloudLink Phone 7900 denial of service vulnerability [CVE-2019-5280]
CVE Number – CVE-2019-5280
Huawei CloudLink Phone 7900 is vulnerable to a denial of service attack, caused by improper validation of specific parameters of the TLS server certificate in the SIP TLS module.
By using man-in-the-middle attack techniques, a remote attacker could exploit this vulnerability to cause phones to register abnormally and affect the availability of IP phones.
Affected Version – V600R019C10
Resolved Product and Version – V600R019C10SPC200
Further details – https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190724-01-7900-en
I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.