CVE-2021-22320

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Module, NGFW Module, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500 and Secospace USG6600.

Published: Mar 22, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-22320
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
huawei / ips_module_firmware	500r005c00spc100	500r005c00spc100.x
huawei / ips_module_firmware	500r005c00spc200	500r005c00spc200.x
huawei / ips_module_firmware	500r005c20spc300	500r005c20spc300.x
huawei / ngfw_module_firmware	500r005c00spc100	500r005c00spc100.x
huawei / ngfw_module_firmware	500r005c00spc200	500r005c00spc200.x
huawei / ngfw_module_firmware	500r005c20spc300	500r005c20spc300.x
huawei / nip6600_firmware	500r001c30spc200	500r001c30spc200.x
huawei / nip6600_firmware	500r001c30spc600	500r001c30spc600.x
huawei / nip6600_firmware	500r001c60spc500	500r001c60spc500.x
huawei / nip6600_firmware	500r005c00spc100	500r005c00spc100.x
huawei / nip6600_firmware	500r005c00spc200	500r005c00spc200.x
huawei / nip6600_firmware	500r005c20spc300	500r005c20spc300.x
huawei / nip6600_firmware	500r005c20spc500	500r005c20spc500.x
huawei / nip6800_firmware	500r001c60spc500	500r001c60spc500.x
huawei / nip6800_firmware	500r005c00spc100	500r005c00spc100.x
huawei / nip6800_firmware	500r005c00spc200	500r005c00spc200.x
huawei / nip6800_firmware	500r005c20spc300	500r005c20spc300.x
huawei / nip6800_firmware	500r005c20spc500	500r005c20spc500.x
huawei / secospace_usg6300_firmware	500r001c30spc200	500r001c30spc200.x
huawei / secospace_usg6300_firmware	500r001c30spc600	500r001c30spc600.x
huawei / secospace_usg6300_firmware	500r001c60spc500	500r001c60spc500.x
huawei / secospace_usg6300_firmware	500r005c00spc100	500r005c00spc100.x
huawei / secospace_usg6300_firmware	500r005c00spc200	500r005c00spc200.x
huawei / secospace_usg6300_firmware	500r005c20spc300	500r005c20spc300.x
huawei / secospace_usg6300_firmware	500r005c20spc500	500r005c20spc500.x
huawei / secospace_usg6500_firmware	500r001c30spc200	500r001c30spc200.x
huawei / secospace_usg6500_firmware	500r001c30spc600	500r001c30spc600.x
huawei / secospace_usg6500_firmware	500r001c60spc500	500r001c60spc500.x
huawei / secospace_usg6500_firmware	500r005c00spc100	500r005c00spc100.x
huawei / secospace_usg6500_firmware	500r005c00spc200	500r005c00spc200.x
huawei / secospace_usg6500_firmware	500r005c20spc300	500r005c20spc300.x
huawei / secospace_usg6500_firmware	500r005c20spc500	500r005c20spc500.x
huawei / secospace_usg6600_firmware	500r001c30spc200	500r001c30spc200.x
huawei / secospace_usg6600_firmware	500r001c30spc600	500r001c30spc600.x
huawei / secospace_usg6600_firmware	500r001c60spc500	500r001c60spc500.x
huawei / secospace_usg6600_firmware	500r005c00spc100	500r005c00spc100.x
huawei / secospace_usg6600_firmware	500r005c00spc200	500r005c00spc200.x
huawei / secospace_usg6600_firmware	500r005c20spc300	500r005c20spc300.x
huawei / secospace_usg6600_firmware	500r005c20spc500	500r005c20spc500.x

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-03-dos-en

Vulnerability Database

289,599

CVE-2021-22320