CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 0CVE-2021-45969
https://notcve.org/view.php?id=CVE-2021-45969
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the CommBuffer+8 location). Se ha detectado un problema en AhciBusDxe en InsydeH2O con el kernel 5.1 anteriores a 05.16.25, 5.2 anteriores a 05.26.25, 5.3 anteriores a 05.35.25, 5.4 anteriores a 05.43.25 y 5.5 anteriores a 05.51.25. Se presenta una vulnerabilidad en la rama SMM (System Management Mode) que registra un manejador SWSMI que no comprueba o valida suficientemente el puntero del buffer asignado (la ubicación CommBuffer+8). • https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf https://security.netapp.com/advisory/ntap-20220216-0004 https://www.insyde.com/security-pledge • CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 0CVE-2021-45970
https://notcve.org/view.php?id=CVE-2021-45970
An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the status code saved at the CommBuffer+4 location). Se ha detectado un problema en IdeBusDxe en InsydeH2O con el kernel 5.1 anteriores a 05.16.25, 5.2 anteriores a 05.26.25, 5.3 anteriores a 05.35.25, 5.4 anteriores a 05.43.25 y 5.5 anteriores a 05.51.25. Se presenta una vulnerabilidad en la rama SMM (System Management Mode) que registra un manejador SWSMI que no comprueba ni valida suficientemente el puntero del buffer asignado (el código de estado guardado en la ubicación CommBuffer+4). • https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf https://security.netapp.com/advisory/ntap-20220216-0004 https://www.insyde.com/security-pledge • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-5956
https://notcve.org/view.php?id=CVE-2020-5956
An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer. Se ha detectado un problema en SdLegacySmm en InsydeH2O con el kernel 5.1 anteriores a 05.15.11, 5.2 anteriores a 05.25.11, 5.3 anteriores a 05.34.11 y 5.4 anteriores a 05.42.11. El manejador SMI de software permite una entrada externa no confiable porque no verifica el CommBuffer. • https://security.netapp.com/advisory/ntap-20220223-0001 https://www.insyde.com/security-pledge • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 56EXPL: 0CVE-2020-5955
https://notcve.org/view.php?id=CVE-2020-5955
An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. A caller may be able to escalate privileges. Se ha detectado un problema en Int15MicrocodeSmm en Insyde InsydeH2O versiones anteriores al 14-10-2021 en los chipsets de cliente de Intel. Un llamador puede ser capaz de escalar privilegios • https://security.netapp.com/advisory/ntap-20220223-0003 https://www.insyde.com/products https://www.insyde.com/security-pledge/SA-2021002 •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-2021-33626
https://notcve.org/view.php?id=CVE-2021-33626
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution. Existe una vulnerabilidad en la rama SMM (System Management Mode) que registra un manejador SWSMI que no comprueba o valida suficientemente el puntero del buffer asignado (valores QWORD para CommBuffer). Esto puede ser utilizado por un atacante para corromper los datos en la memoria SMRAM e incluso llevar a la ejecución de código arbitrario • https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf https://security.netapp.com/advisory/ntap-20220216-0006 https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2021001 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •