CVE-2021-22365
LOWeSE620X <V100R001C10SPC200-V200R001C00SPC300 - Info Disclosure
Title source: llmDescription
There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause the process and the service abnormal.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210526-02-outbounds-en
Scores
CVSS v3
3.3
EPSS
0.0002
EPSS Percentile
6.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-125
Status
published
Products (3)
huawei/ese620x_vess_firmware
v100r001c10spc200
huawei/ese620x_vess_firmware
v100r001c20spc200
huawei/ese620x_vess_firmware
v200r001c00spc300
Published
Jun 22, 2021
Tracked Since
Feb 18, 2026