CVE-2020-27339
Severity Score
6.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and SdMmcDeviceDxe drivers are 05.16.25, 05.26.25, 05.35.25, 05.43.25, and 05.51.25 (for Kernel 5.1 through 5.5).
En el kernel de Insyde InsydeH2O 5.x, algunos controladores SMM no validaban correctamente los parámetros CommBuffer y CommBufferSize, lo que permitía a los llamantes corromper el firmware o la memoria del sistema operativo. Las versiones corregidas para este problema en los controladores AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe y SdMcDeviceDxe son 05.16.25, 05.26.25, 05.35.25, 05.43.25 y 05.51.25 (para los núcleos 5.1 a 5.5)
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-10-20 CVE Reserved
- 2021-06-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf | Third Party Advisory |
|
| https://security.netapp.com/advisory/ntap-20220216-0005 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.insyde.com/security-pledge/SA-2021001 | 2022-07-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Ruggedcom Apr1808 Firmware Search vendor "Siemens" for product "Ruggedcom Apr1808 Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Ruggedcom Apr1808 Search vendor "Siemens" for product "Ruggedcom Apr1808" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Field Pg M5 Firmware Search vendor "Siemens" for product "Simatic Field Pg M5 Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Field Pg M5 Search vendor "Siemens" for product "Simatic Field Pg M5" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Field Pg M6 Firmware Search vendor "Siemens" for product "Simatic Field Pg M6 Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Field Pg M6 Search vendor "Siemens" for product "Simatic Field Pg M6" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc127e Firmware Search vendor "Siemens" for product "Simatic Ipc127e Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc127e Search vendor "Siemens" for product "Simatic Ipc127e" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc227g Firmware Search vendor "Siemens" for product "Simatic Ipc227g Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc227g Search vendor "Siemens" for product "Simatic Ipc227g" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc277g Firmware Search vendor "Siemens" for product "Simatic Ipc277g Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc277g Search vendor "Siemens" for product "Simatic Ipc277g" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc327g Firmware Search vendor "Siemens" for product "Simatic Ipc327g Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc327g Search vendor "Siemens" for product "Simatic Ipc327g" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc377g Firmware Search vendor "Siemens" for product "Simatic Ipc377g Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc377g Search vendor "Siemens" for product "Simatic Ipc377g" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc427e Firmware Search vendor "Siemens" for product "Simatic Ipc427e Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc427e Search vendor "Siemens" for product "Simatic Ipc427e" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc477e Firmware Search vendor "Siemens" for product "Simatic Ipc477e Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc477e Search vendor "Siemens" for product "Simatic Ipc477e" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc477e Pro Firmware Search vendor "Siemens" for product "Simatic Ipc477e Pro Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc477e Pro Search vendor "Siemens" for product "Simatic Ipc477e Pro" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc627e Firmware Search vendor "Siemens" for product "Simatic Ipc627e Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc627e Search vendor "Siemens" for product "Simatic Ipc627e" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc647e Firmware Search vendor "Siemens" for product "Simatic Ipc647e Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc647e Search vendor "Siemens" for product "Simatic Ipc647e" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc677e Firmware Search vendor "Siemens" for product "Simatic Ipc677e Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc677e Search vendor "Siemens" for product "Simatic Ipc677e" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Ipc847e Firmware Search vendor "Siemens" for product "Simatic Ipc847e Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc847e Search vendor "Siemens" for product "Simatic Ipc847e" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Itp1000 Firmware Search vendor "Siemens" for product "Simatic Itp1000 Firmware" | - | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Itp1000 Search vendor "Siemens" for product "Simatic Itp1000" | - | - |
Safe
|
| Insyde Search vendor "Insyde" | Insydeh2o Search vendor "Insyde" for product "Insydeh2o" | >= 5.3 < 5.34.44 Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.3 < 5.34.44" | - |
Affected
| ||||||
| Insyde Search vendor "Insyde" | Insydeh2o Search vendor "Insyde" for product "Insydeh2o" | >= 5.2 < 5.25.44 Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.2 < 5.25.44" | - |
Affected
| ||||||
| Insyde Search vendor "Insyde" | Insydeh2o Search vendor "Insyde" for product "Insydeh2o" | >= 5.1 < 5.16.25 Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.1 < 5.16.25" | - |
Affected
| ||||||
| Insyde Search vendor "Insyde" | Insydeh2o Search vendor "Insyde" for product "Insydeh2o" | >= 5.4 < 5.42.44 Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.4 < 5.42.44" | - |
Affected
| ||||||
| Insyde Search vendor "Insyde" | Insydeh2o Search vendor "Insyde" for product "Insydeh2o" | >= 5.3 < 5.35.25 Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.3 < 5.35.25" | - |
Affected
| ||||||
| Insyde Search vendor "Insyde" | Insydeh2o Search vendor "Insyde" for product "Insydeh2o" | >= 5.2 < 5.26.25 Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.2 < 5.26.25" | - |
Affected
| ||||||
| Insyde Search vendor "Insyde" | Insydeh2o Search vendor "Insyde" for product "Insydeh2o" | >= 5.4 < 5.43.25 Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.4 < 5.43.25" | - |
Affected
| ||||||