Huawei Updates
1628Warning Date
Severity Level
Warning Number
Target Sector
21 October, 2021
● Medium
2021-3713
All
Description:
Huawei has released security updates to address several vulnerabilities in the following products:
- IPS Module
- NGFW Module
- NIP6600
- S1700
- S2700
- S5700
- S6700
- S7700
- S9700
- USG9500
- FusionCube
- ManageOne
- iManager NetEco
- iManager NetEco 6000
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Inject CSV files
Best practice and Recommendations:
The CERT team encourages users to review Huawei security advisory and apply the necessary updates:
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-pathtraversal-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-csv-en
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-signature-en