CVE-2021-22411

Name of the Vulnerable Software and Affected Versions: NGFW Module versions V500R005C00SPC100 through V500R005C00SPC200 Secospace USG6300 versions V500R001C30SPC200 through V500R005C00SPC200 Secospace USG6500 versions V500R001C30SPC200 through V500R005C00SPC200 Secospace USG6600 versions V500R001C30SPC200 through V500R005C00SPC200 USG9500 versions V500R001C60SPC500 through V500R005C00SPC200

Description: There is an out-of-bounds write vulnerability in some Huawei products. The code of a module has a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise the normal service of the module.

Recommendations: For NGFW Module versions V500R005C00SPC100 through V500R005C00SPC200, update to a version outside of this range to resolve the issue. For Secospace USG6300 versions V500R001C30SPC200 through V500R005C00SPC200, update to a version outside of this range to resolve the issue. For Secospace USG6500 versions V500R001C30SPC200 through V500R005C00SPC200, update to a version outside of this range to resolve the issue. For Secospace USG6600 versions V500R001C30SPC200 through V500R005C00SPC200, update to a version outside of this range to resolve the issue. For USG9500 versions V500R001C60SPC500 through V500R005C00SPC200, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the module with the bad judgment logic until a patch is available.