// For flags

CVE-2020-27339

 

Severity Score

6.7
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and SdMmcDeviceDxe drivers are 05.16.25, 05.26.25, 05.35.25, 05.43.25, and 05.51.25 (for Kernel 5.1 through 5.5).

En el kernel de Insyde InsydeH2O 5.x, algunos controladores SMM no validaban correctamente los parámetros CommBuffer y CommBufferSize, lo que permitía a los llamantes corromper el firmware o la memoria del sistema operativo. Las versiones corregidas para este problema en los controladores AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe y SdMcDeviceDxe son 05.16.25, 05.26.25, 05.35.25, 05.43.25 y 05.51.25 (para los núcleos 5.1 a 5.5)

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-10-20 CVE Reserved
  • 2021-06-16 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
Ruggedcom Apr1808 Firmware
Search vendor "Siemens" for product "Ruggedcom Apr1808 Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Ruggedcom Apr1808
Search vendor "Siemens" for product "Ruggedcom Apr1808"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Field Pg M5 Firmware
Search vendor "Siemens" for product "Simatic Field Pg M5 Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Field Pg M5
Search vendor "Siemens" for product "Simatic Field Pg M5"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Field Pg M6 Firmware
Search vendor "Siemens" for product "Simatic Field Pg M6 Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Field Pg M6
Search vendor "Siemens" for product "Simatic Field Pg M6"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc127e Firmware
Search vendor "Siemens" for product "Simatic Ipc127e Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc127e
Search vendor "Siemens" for product "Simatic Ipc127e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc227g Firmware
Search vendor "Siemens" for product "Simatic Ipc227g Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc227g
Search vendor "Siemens" for product "Simatic Ipc227g"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc277g Firmware
Search vendor "Siemens" for product "Simatic Ipc277g Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc277g
Search vendor "Siemens" for product "Simatic Ipc277g"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc327g Firmware
Search vendor "Siemens" for product "Simatic Ipc327g Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc327g
Search vendor "Siemens" for product "Simatic Ipc327g"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc377g Firmware
Search vendor "Siemens" for product "Simatic Ipc377g Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc377g
Search vendor "Siemens" for product "Simatic Ipc377g"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc427e Firmware
Search vendor "Siemens" for product "Simatic Ipc427e Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc427e
Search vendor "Siemens" for product "Simatic Ipc427e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc477e Firmware
Search vendor "Siemens" for product "Simatic Ipc477e Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc477e
Search vendor "Siemens" for product "Simatic Ipc477e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc477e Pro Firmware
Search vendor "Siemens" for product "Simatic Ipc477e Pro Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc477e Pro
Search vendor "Siemens" for product "Simatic Ipc477e Pro"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc627e Firmware
Search vendor "Siemens" for product "Simatic Ipc627e Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc627e
Search vendor "Siemens" for product "Simatic Ipc627e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc647e Firmware
Search vendor "Siemens" for product "Simatic Ipc647e Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc647e
Search vendor "Siemens" for product "Simatic Ipc647e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc677e Firmware
Search vendor "Siemens" for product "Simatic Ipc677e Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc677e
Search vendor "Siemens" for product "Simatic Ipc677e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Ipc847e Firmware
Search vendor "Siemens" for product "Simatic Ipc847e Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Ipc847e
Search vendor "Siemens" for product "Simatic Ipc847e"
--
Safe
Siemens
Search vendor "Siemens"
Simatic Itp1000 Firmware
Search vendor "Siemens" for product "Simatic Itp1000 Firmware"
--
Affected
in Siemens
Search vendor "Siemens"
Simatic Itp1000
Search vendor "Siemens" for product "Simatic Itp1000"
--
Safe
Insyde
Search vendor "Insyde"
Insydeh2o
Search vendor "Insyde" for product "Insydeh2o"
>= 5.3 < 5.34.44
Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.3 < 5.34.44"
-
Affected
Insyde
Search vendor "Insyde"
Insydeh2o
Search vendor "Insyde" for product "Insydeh2o"
>= 5.2 < 5.25.44
Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.2 < 5.25.44"
-
Affected
Insyde
Search vendor "Insyde"
Insydeh2o
Search vendor "Insyde" for product "Insydeh2o"
>= 5.1 < 5.16.25
Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.1 < 5.16.25"
-
Affected
Insyde
Search vendor "Insyde"
Insydeh2o
Search vendor "Insyde" for product "Insydeh2o"
>= 5.4 < 5.42.44
Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.4 < 5.42.44"
-
Affected
Insyde
Search vendor "Insyde"
Insydeh2o
Search vendor "Insyde" for product "Insydeh2o"
>= 5.3 < 5.35.25
Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.3 < 5.35.25"
-
Affected
Insyde
Search vendor "Insyde"
Insydeh2o
Search vendor "Insyde" for product "Insydeh2o"
>= 5.2 < 5.26.25
Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.2 < 5.26.25"
-
Affected
Insyde
Search vendor "Insyde"
Insydeh2o
Search vendor "Insyde" for product "Insydeh2o"
>= 5.4 < 5.43.25
Search vendor "Insyde" for product "Insydeh2o" and version " >= 5.4 < 5.43.25"
-
Affected