Huawei Patches Four Server Bugs Rated High Severity

Huawei Technologies warned customers of four vulnerabilities rated high that impact 20 of its server models. Patches are available for each of the bugs that range from an authentication bypass vulnerability, privilege escalation vulnerability and two JavaScript Object Notation (JSON) injection vulnerabilities.

The China-based technology firm also announced on Wednesday a DoS vulnerability impacting its Mate 8, P9 and P9 Plus handsets, rated medium in severity. Lastly, Huawei said it patched a cross-site scripting (XSS) vulnerability rated medium in severity and tied to its unified messaging app called eSpace Desktop.

Impacted server models range from Huawei’s XH, RH and CH lines. Two of the server vulnerabilities are related to the company’s Intelligent Baseboard Management Controller (iBMC) server component, a management and control tool that runs on a dedicated Huawei chipset.

“The iBMC of some Huawei servers have two JSON injection vulnerabilities due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system,” according to the company’s security advisory.

Last week, Huawei patched three other JSON injection vulnerabilities, rated high in severity (CVE-2018-7902, CVE-2018-7903 and CVE-2018-7904).

The second iBMC-related bug is a privilege escalation vulnerability that could allow a remote attacker to send a specially crafted login message to the vulnerable server and lock users out by changing their passwords. “Due to improper authentication design, successful exploit enables low privileged users to get or modify passwords of highly privileged users,” according the security advisory.

Wednesday’s iBMC issues dovetail similar problems reported by Huawei regarding the same component. Last week, the company reported a medium severity authentication bypass bug (CVE-2018-7942) connected to iBMC. Similarly, on May 9 and again on May 16 Huawei announced patches for an iBMC-related improper authorization bugs (CVE-2018-7941 and CVE-2017-17323).

The authentication bypass vulnerability, according to Huawei, could allow a remote attacker with low privileges to “bypass the authentication by some special operations” and access “sensitive information” and gain a high level of user privileges.

Each of the vulnerabilities were disclosed on Wednesday through Huawei’s own security bulletin.