CVE-2021-22321
MEDIUMHuawei NIP6300-NIP6800 S1700-S9700 Secospace USG6300-USG9500 Use-After-Free
Title source: llmDescription
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en
Scores
CVSS v3
5.3
EPSS
0.0021
EPSS Percentile
42.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-416
Status
published
Products (50)
huawei/nip6300_firmware
v500r001c30
huawei/nip6300_firmware
v500r001c60
huawei/nip6600_firmware
v500r001c30
huawei/nip6800_firmware
v500r001c60
huawei/s12700_firmware
v200r007c01
huawei/s12700_firmware
v200r007c01b102
huawei/s12700_firmware
v200r008c00
huawei/s12700_firmware
v200r010c00
huawei/s12700_firmware
v200r010c00spc300
huawei/s12700_firmware
v200r011c00
... and 40 more
Published
Mar 22, 2021
Tracked Since
Feb 18, 2026