Vulnerabilities > Siemens > Simatic Field PG M5 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-03 | CVE-2021-33627 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. | 8.2 |
| 2022-02-03 | CVE-2021-41837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 7.2 |
| 2022-02-03 | CVE-2021-41838 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 7.2 |
| 2022-02-03 | CVE-2021-42059 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. | 7.2 |
| 2022-02-03 | CVE-2021-42554 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. | 7.2 |
| 2021-06-16 | CVE-2020-27339 | Improper Input Validation vulnerability in multiple products In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. | 7.2 |
| 2017-11-21 | CVE-2017-5712 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege. | 7.2 |
| 2017-11-21 | CVE-2017-5711 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege. | 7.8 |