CVE-2021-22320
HIGHHuawei IPS/NGFW/NIP6600/NIP6800/USG6300/USG6500/USG6600 DoS via Malicious Message
Title source: llmDescription
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Module, NGFW Module, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500 and Secospace USG6600.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-03-dos-en
Scores
CVSS v3
7.5
EPSS
0.0018
EPSS Percentile
39.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (39)
huawei/ips_module_firmware
v500r005c00spc100
huawei/ips_module_firmware
v500r005c00spc200
huawei/ips_module_firmware
v500r005c20spc300
huawei/ngfw_module_firmware
v500r005c00spc100
huawei/ngfw_module_firmware
v500r005c00spc200
huawei/ngfw_module_firmware
v500r005c20spc300
huawei/nip6600_firmware
v500r001c30spc200
huawei/nip6600_firmware
v500r001c30spc600
huawei/nip6600_firmware
v500r001c60spc500
huawei/nip6600_firmware
v500r005c00spc100
... and 29 more
Published
Mar 22, 2021
Tracked Since
Feb 18, 2026