Siemens Simatic_ipc127e
11 CVEs affecting Siemens Simatic_ipc127e. Latest disclosed: 2022-02-03. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-42554 | High | 8.2 | 2022-02-03 | An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42… |
CVE-2021-41838 | High | 8.2 | 2022-02-03 | An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System… |
CVE-2021-41837 | High | 8.2 | 2022-02-03 | An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory cor… |
CVE-2021-33627 | High | 8.2 | 2022-02-03 | An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and… |
CVE-2021-33626 | High | 7.8 | 2021-10-01 | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer… |
CVE-2021-33625 | High | 7.5 | 2022-02-03 | An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMM… |
CVE-2020-5953 | High | 7.5 | 2022-02-03 | A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTI… |
CVE-2020-8745 | Medium | 6.8 | 2020-11-12 | Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.2… |
CVE-2021-42059 | Medium | 6.7 | 2022-02-03 | An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and… |
CVE-2020-27339 | Medium | 6.7 | 2021-06-16 | In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt… |
CVE-2020-24513 | Medium | 6.5 | 2021-06-09 | Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure v… |