CVE-2021-33627

EUVD-2021-20304
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.2 HIGH
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
insydeinsydeh2o
5.0 ≤
𝑥
< 5.08.29
insydeinsydeh2o
5.1 ≤
𝑥
< 5.16.29
insydeinsydeh2o
5.2 ≤
𝑥
< 5.26.29
insydeinsydeh2o
5.3 ≤
𝑥
< 5.35.29
siemenssimatic_field_pg_m5_firmware
*
siemenssimatic_field_pg_m6_firmware
*
siemenssimatic_ipc127e_firmware
*
siemenssimatic_ipc227g_firmware
*
siemenssimatic_ipc277g_firmware
*
siemenssimatic_ipc327g_firmware
*
siemenssimatic_ipc377g_firmware
*
siemenssimatic_ipc427e_firmware
*
siemenssimatic_ipc477e_firmware
*
siemenssimatic_ipc627e_firmware
*
siemenssimatic_ipc647e_firmware
*
siemenssimatic_ipc677e_firmware
*
siemenssimatic_ipc847e_firmware
*
siemenssimatic_itp1000_firmware
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf
https://security.netapp.com/advisory/ntap-20220222-0002/
https://www.insyde.com/security-pledge
https://www.insyde.com/security-pledge/SA-2022022
https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf
https://security.netapp.com/advisory/ntap-20220222-0002/
https://www.insyde.com/security-pledge
https://www.insyde.com/security-pledge/SA-2022022
https://www.kb.cert.org/vuls/id/796611