Vulnerabilities > CVE-2021-42059 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 6.7 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
insyde
siemens
CWE-787

Summary

An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. A stack-based buffer overflow leads toarbitrary code execution in UEFI DisplayTypeDxe DXE driver.

Vulnerable Configurations

Part Description Count
Application
Insyde
85
OS
Siemens
14
Hardware
Siemens
14

Common Weakness Enumeration (CWE)