CVE Number – CVE-2019-5280
Huawei CloudLink Phone 7900 is vulnerable to a denial of service attack, caused by improper validation of specific parameters of the TLS server certificate in the SIP TLS module.
By using man-in-the-middle attack techniques, a remote attacker could exploit this vulnerability to cause phones to register abnormally and affect the availability of IP phones.
Affected Version – V600R019C10
Resolved Product and Version – V600R019C10SPC200
UK based technology professional, with an interest in computer security and telecoms.