Vulnerabilities > Siemens > Simatic Ipc127E Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-03 CVE-2021-42059 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20.
local
low complexity
insyde siemens CWE-787
6.7
6.7
2021-06-16 CVE-2020-27339 Improper Input Validation vulnerability in multiple products
In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory.
local
low complexity
insyde siemens CWE-20
6.7
6.7
2021-06-09 CVE-2020-24513 Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian siemens
6.5
6.5
2020-11-12 CVE-2020-8745 Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
low complexity
intel siemens
6.8
6.8