Vulnerabilities > Siemens > Simatic Ipc627E Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-03 | CVE-2021-33627 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. | 8.2 |
| 2022-02-03 | CVE-2021-41837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 7.2 |
| 2022-02-03 | CVE-2021-41838 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 7.2 |
| 2022-02-03 | CVE-2021-42059 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. | 7.2 |
| 2022-02-03 | CVE-2021-42554 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. | 7.2 |
| 2021-06-16 | CVE-2020-27339 | Improper Input Validation vulnerability in multiple products In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. | 7.2 |
| 2020-11-12 | CVE-2020-0590 | Improper Input Validation vulnerability in multiple products Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |