Vulnerabilities > Siemens > Simatic Ipc477E PRO Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-03 | CVE-2021-33625 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. | 7.5 |
| 2022-02-03 | CVE-2020-5953 | A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. | 7.5 |
| 2021-10-01 | CVE-2021-33626 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). | 7.8 |