CVE-2021-22320

Name of the Vulnerable Software and Affected Versions: Huawei IPS Module (affected versions not specified) Huawei NGFW Module (affected versions not specified) Huawei NIP6600 (affected versions not specified) Huawei NIP6800 (affected versions not specified) Huawei Secospace USG6300 (affected versions not specified) Huawei Secospace USG6500 (affected versions not specified) Huawei Secospace USG6600 (affected versions not specified)

Description: There is a denial of service issue in Huawei products. A module cannot handle specific messages correctly. Attackers can exploit this by sending malicious messages to an affected module, leading to denial of service.

Recommendations: For Huawei IPS Module, consider disabling the module that handles specific messages until a fix is available. For Huawei NGFW Module, restrict access to the module that deals with message processing to minimize the risk of exploitation. For Huawei NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, and Secospace USG6600, avoid using the affected modules until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.