CVE-2021-22411

Published: May 27, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise the normal service of the module.Affected product versions include: NGFW Module versions V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;USG9500 versions V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200.

Vendor	Product	Versions
n/a	NGFW Module;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500	affected `V500R005C00SPC100,V500R005C00SPC200` affected `V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200` affected `V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200`

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210506-02-outofbounds-en

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-22411

Description

Affected Products

References