Out of Bound Write Vulnerability in Huawei Network Products
CVE-2021-37129

7.5HIGH

Key Information:

Vendor: Huawei
Status: Iips Module;ngfw Module;nip6600;s12700;s1700;s2700;s5700;s6700;s7700;s9700;usg9500
Vendor: CVE Published:; 27 October 2021

Summary

An out of bounds write vulnerability exists in multiple Huawei network products, triggered by a failure to properly verify input parameters. An attacker exploiting this vulnerability could potentially corrupt memory, leading to a denial of service condition. This issue affects a range of products, demanding immediate attention and remediation to safeguard network integrity.

Affected Version(s)

IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500 V500R005C00,V500R005C20

IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500 V500R005C00

IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 27, 2021
Vulnerability Reserved
Jul 20, 2021