CVE-2021-37129 : There is an out of bounds write vulnerability in some Huawei products. The vulne

There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.

Published 2021-10-27 01:15:08

Updated 2021-10-28 17:04:46

Source Huawei Technologies

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2021-37129

Huawei » S7700 Firmware » Version: V200r010c00spc600
cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S7700 » Version: N/A
Huawei » S7700 Firmware » Version: V200r010c00spc700
cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc700:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S7700 » Version: N/A
Huawei » S7700 Firmware » Version: V200r011c10spc500
cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S7700 » Version: N/A
Huawei » S7700 Firmware » Version: V200r011c10spc600
cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S7700 » Version: N/A
Huawei » S9700 Firmware » Version: V200r010c00spc600
cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S9700 » Version: N/A
Huawei » S9700 Firmware » Version: V200r011c10spc500
cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S9700 » Version: N/A
Huawei » S9700 Firmware » Version: V200r011c10spc600
cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S9700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r019c00spc500
cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r013c00spc500
cpe:2.3:o:huawei:s12700_firmware:v200r013c00spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r010c00spc600
cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r011c10spc500
cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r011c10spc600
cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r019c00spc200
cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc200:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r019c10spc200
cpe:2.3:o:huawei:s12700_firmware:v200r019c10spc200:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r020c00
cpe:2.3:o:huawei:s12700_firmware:v200r020c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S12700 Firmware » Version: V200r020c10
cpe:2.3:o:huawei:s12700_firmware:v200r020c10:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S12700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r019c00spc500
cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r010c00spc600
cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r010c00spc700
cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc700:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r011c10spc500
cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » S5700 Firmware » Version: V200r011c10spc600
cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S5700 » Version: N/A
Huawei » Usg9500 Firmware » Version: V500r005c00
cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » Usg9500 » Version: N/A
Huawei » Usg9500 Firmware » Version: V500r005c20
cpe:2.3:o:huawei:usg9500_firmware:v500r005c20:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » Usg9500 » Version: N/A
Huawei » Ngfw Module Firmware » Version: V500r005c00
cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » Ngfw Module » Version: N/A
Huawei » Nip6600 Firmware » Version: V500r005c00
cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » Nip6600 » Version: N/A
Huawei » Nip6600 Firmware » Version: V500r005c20
cpe:2.3:o:huawei:nip6600_firmware:v500r005c20:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » Nip6600 » Version: N/A
Huawei » Ips Module Firmware » Version: V500r005c00
cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » Ips Module » Version: N/A
Huawei » Ips Module Firmware » Version: V500r005c20
cpe:2.3:o:huawei:ips_module_firmware:v500r005c20:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » Ips Module » Version: N/A
Huawei » S6700 Firmware » Version: V200r010c00spc600
cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S6700 Firmware » Version: V200r011c10spc500
cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S6700 Firmware » Version: V200r011c10spc600
cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S6700 » Version: N/A
Huawei » S2700 Firmware » Version: V200r010c00spc600
cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S2700 » Version: N/A
Huawei » S2700 Firmware » Version: V200r011c10spc500
cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S2700 » Version: N/A
Huawei » S2700 Firmware » Version: V200r011c10spc600
cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S2700 » Version: N/A
Huawei » S1700 Firmware » Version: V200r010c00spc600
cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S1700 » Version: N/A
Huawei » S1700 Firmware » Version: V200r011c10spc500
cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc500:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S1700 » Version: N/A
Huawei » S1700 Firmware » Version: V200r011c10spc600
cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc600:*:*:*:*:*:*:*
Matching versions
When used together with: Huawei » S1700 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-37129

EPSS FAQ

0.18%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 37 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-37129

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2021-37129

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-37129

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en

Security Advisory - Out of Bounds Write Vulnerability in Some Huawei Products
Vendor Advisory

Jump to

Vulnerability Details : CVE-2021-37129

Products affected by CVE-2021-37129

Exploit prediction scoring system (EPSS) score for CVE-2021-37129

CVSS scores for CVE-2021-37129

CWE ids for CVE-2021-37129

References for CVE-2021-37129