CVE-2021-22321

Name of the Vulnerable Software and Affected Versions: Huawei NIP6300 (affected versions not specified) Huawei NIP6600 (affected versions not specified) Huawei NIP6800 (affected versions not specified) Huawei S1700 (affected versions not specified) Huawei S2700 (affected versions not specified) Huawei S5700 (affected versions not specified) Huawei S6700 (affected versions not specified) Huawei S7700 (affected versions not specified) Huawei S9700 (affected versions not specified) Huawei Secospace USG6300 (affected versions not specified) Huawei Secospace USG6500 (affected versions not specified) Huawei Secospace USG6600 (affected versions not specified) Huawei USG9500 (affected versions not specified)

Description: There is a use-after-free issue in a Huawei product. A module cannot handle specific operations in special scenarios, allowing attackers to exploit this by performing malicious operations, which can cause memory use-after-free and compromise normal service.

Recommendations: For Huawei NIP6300, update to a version that includes a fix for this issue. For Huawei NIP6600, update to a version that includes a fix for this issue. For Huawei NIP6800, update to a version that includes a fix for this issue. For Huawei S1700, update to a version that includes a fix for this issue. For Huawei S2700, update to a version that includes a fix for this issue. For Huawei S5700, update to a version that includes a fix for this issue. For Huawei S6700, update to a version that includes a fix for this issue. For Huawei S7700, update to a version that includes a fix for this issue. For Huawei S9700, update to a version that includes a fix for this issue. For Huawei Secospace USG6300, update to a version that includes a fix for this issue. For Huawei Secospace USG6500, update to a version that includes a fix for this issue. For Huawei Secospace USG6600, update to a version that includes a fix for this issue. For Huawei USG9500, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.