Use-After-Free Vulnerability in Huawei Networking Products
CVE-2021-22321

5.3MEDIUM

Summary

A use-after-free vulnerability exists in specific Huawei networking products, where certain modules fail to handle particular operations correctly under unique conditions. This flaw allows attackers to exploit the vulnerability by executing malicious operations, which can lead to memory corruption and the potential compromise of normal service operations. Affected products encompass various series, including NIP6300, NIP6600, S1700, S2700, and several others in their networking range.

Affected Version(s)

NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 V500R001C30,V500R001C60

NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 V500R001C30

NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 V500R001C60

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.