Vulnerability identifier: #VU734
Vulnerability risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear]
CVE-ID:
CWE-ID: CWE-264
Exploitation vector: Network
Exploit availability: No
Vulnerable software (category: Hardware solutions / Routers for home users):
Huawei Quidway S5300
Huawei S5300
Huawei S5700
Huawei S9300
Huawei S12700
Huawei Quidway S9300
Huawei AR
Vendor: Huawei
Description
The vulnerability allows remote authenticated administrators to access and decrypt valid users' passwords.
The weakness exists due to insufficient access control. By selecting a reversible encryption algorithm, an attacker can obtain confidential data.
Successful exploitation of the vulnerability may result in password decryption.
Mitigation
Update Huawei AR to V200R007C00SPC100.
Update Huawei Quidway S9300 to V200R009C00.
Update Huawei S12700 to V200R008C00SPC500.
Update Huawei S9300, Quidway S5300, and S5300 to V200R007C00.
Update Huawei S5700 to V200R007C00SPC500.
Vulnerable software versions
Huawei Quidway S5300: V200R001C00SPC300
Huawei S5300: V200R002C00 - V200R006C00SPC500
Huawei S5700: V200R001C00 - V200R006C00
Huawei S9300: V200R005C00SPC300 - V200R006C00SPC500
Huawei S12700: V200R005C00 - V200R006C00
Huawei Quidway S9300: V200R001C00SPC300 - V200R003C00SPC500
Huawei AR: V200R001 - V200R005C30
External links
https://www.huawei.com/en/psirt/security-advisories/hw-455876
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.