CVE-2021-22356: There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerabili...

Description

There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200.

Metrics

CVSS 3.1

5.9/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability

0.40%

32.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-327

Affected Software

Vendor	Product	Versions
Huawei	Ips Module Firmware	v500r005c00spc100
Huawei	Ips Module Firmware	v500r005c00spc200
Huawei	Ngfw Module Firmware	v500r005c00spc100
Huawei	Ngfw Module Firmware	v500r005c00spc200
Huawei	Secospace Usg6300 Firmware	v500r001c30spc200
Huawei	Secospace Usg6300 Firmware	v500r001c30spc600
Huawei	Secospace Usg6300 Firmware	v500r001c60spc500
Huawei	Secospace Usg6300 Firmware	v500r005c00spc100
Huawei	Secospace Usg6300 Firmware	v500r005c00spc200
Huawei	Secospace Usg6500 Firmware	v500r001c30spc200
Huawei	Secospace Usg6500 Firmware	v500r001c30spc600
Huawei	Secospace Usg6500 Firmware	v500r001c60spc500
Huawei	Secospace Usg6500 Firmware	v500r005c00spc100
Huawei	Secospace Usg6500 Firmware	v500r005c00spc200
Huawei	Secospace Usg6600 Firmware	v500r001c30spc200
Huawei	Secospace Usg6600 Firmware	v500r001c30spc600
Huawei	Secospace Usg6600 Firmware	v500r001c60spc500
Huawei	Secospace Usg6600 Firmware	v500r005c00spc100
Huawei	Secospace Usg6600 Firmware	v500r005c00spc200
Huawei	Usg9500 Firmware	v500r001c30spc200
Huawei	Usg9500 Firmware	v500r001c30spc600
Huawei	Usg9500 Firmware	v500r001c60spc500
Huawei	Usg9500 Firmware	v500r005c00spc100
Huawei	Usg9500 Firmware	v500r005c00spc200

References

Timeline

Published: Nov 23, 2021
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2021-22356?

There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200.

How severe is CVE-2021-22356?

CVE-2021-22356 has a CVSS score of 5.9/10 (MEDIUM severity). The EPSS model estimates a 0.40% probability of exploitation in the next 30 days.

How do I fix CVE-2021-22356?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.