Vulnerabilities > CVE-2021-42059 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
insyde
siemens
CWE-787

Summary

An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. A stack-based buffer overflow leads toarbitrary code execution in UEFI DisplayTypeDxe DXE driver.

Vulnerable Configurations

Part Description Count
Application
Insyde
51
OS
Siemens
14
Hardware
Siemens
14

Common Weakness Enumeration (CWE)