Unknown
CVE-2021-37129
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2021-37129
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- ips module firmware v500r005c00,
- ips module firmware v500r005c20,
- ngfw module firmware v500r005c00,
- nip6600 firmware v500r005c00,
- nip6600 firmware v500r005c20,
- s12700 firmware v200r010c00spc600,
- s12700 firmware v200r011c10spc500,
- s12700 firmware v200r011c10spc600,
- s12700 firmware v200r013c00spc500,
- s12700 firmware v200r019c00spc200,
- s12700 firmware v200r019c00spc500,
- s12700 firmware v200r019c10spc200,
- s12700 firmware v200r020c00,
- s12700 firmware v200r020c10,
- s1700 firmware v200r010c00spc600,
- s1700 firmware v200r011c10spc500,
- s1700 firmware v200r011c10spc600,
- s2700 firmware v200r010c00spc600,
- s2700 firmware v200r011c10spc500,
- s2700 firmware v200r011c10spc600,
- s5700 firmware v200r010c00spc600,
- s5700 firmware v200r010c00spc700,
- s5700 firmware v200r011c10spc500,
- s5700 firmware v200r011c10spc600,
- s5700 firmware v200r019c00spc500,
- s6700 firmware v200r010c00spc600,
- s6700 firmware v200r011c10spc500,
- s6700 firmware v200r011c10spc600,
- s7700 firmware v200r010c00spc600,
- s7700 firmware v200r010c00spc700,
- s7700 firmware v200r011c10spc500,
- s7700 firmware v200r011c10spc600,
- s9700 firmware v200r010c00spc600,
- s9700 firmware v200r011c10spc500,
- s9700 firmware v200r011c10spc600,
- usg9500 firmware v500r005c00,
- usg9500 firmware v500r005c20
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below: