E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1832
Reference (s):
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-stack-en