Ips Module Firmware
CVE-2021-22312
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
AnalysisAI
There is a memory leak vulnerability in some Huawei products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Memory Leak (CWE-401), which allows attackers to exhaust available memory leading to denial of service. There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500. Affected products include: Huawei Ips Module Firmware, Huawei Ngfw Module Firmware, Huawei Secospace Usg6300 Firmware, Huawei Secospace Usg6500 Firmware, Huawei Secospace Usg6600 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Ensure all allocated memory is properly freed. Use RAII patterns or garbage-collected languages.
More in Ips Module Firmware
View allBuffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module,
Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6
There is an out of bounds write vulnerability in some Huawei products. Rated high severity (CVSS 7.5), this vulnerabilit
There is a denial of service vulnerability in Huawei products. Rated high severity (CVSS 7.5), this vulnerability is rem
There is an out-of-bounds write vulnerability in some products. Rated medium severity (CVSS 6.5), this vulnerability is
There is a weak secure algorithm vulnerability in Huawei products. Rated medium severity (CVSS 5.9), this vulnerability
There is a memory leak vulnerability in Huawei products. Rated medium severity (CVSS 4.9), this vulnerability is remotel
There is an information leak vulnerability in Huawei products. Rated medium severity (CVSS 4.9), this vulnerability is r
Same weakness CWE-401 – Memory Leak
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today