Siemens Simatic_ipc477e_pro
13 CVEs affecting Siemens Simatic_ipc477e_pro. Latest disclosed: 2022-02-03. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-33626 | High | 7.8 | 2021-10-01 | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer… |
CVE-2021-33625 | High | 7.5 | 2022-02-03 | An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMM… |
CVE-2020-5953 | High | 7.5 | 2022-02-03 | A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTI… |
CVE-2020-8745 | Medium | 6.8 | 2020-11-12 | Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.2… |
CVE-2020-27339 | Medium | 6.7 | 2021-06-16 | In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt… |
CVE-2020-8703 | Medium | 6.7 | 2021-06-09 | Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and… |
CVE-2020-12357 | Medium | 6.7 | 2021-06-09 | Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
CVE-2020-8704 | Medium | 6.4 | 2021-06-09 | Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via loca… |
CVE-2020-8670 | Medium | 6.4 | 2021-06-09 | Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
CVE-2020-8698 | Medium | 5.5 | 2020-11-12 | Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local acces… |
CVE-2020-0543 | Medium | 5.5 | 2020-06-15 | Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information… |
CVE-2018-3639 | Medium | 5.5 | 2018-05-22 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are know… |
CVE-2020-24507 | Medium | 4.4 | 2021-06-09 | Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11… |