Vulnerabilities > Siemens > Simatic Ipc627E Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-03 CVE-2021-33627 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm.
local
low complexity
insyde siemens CWE-119
8.2
2022-02-03 CVE-2021-41837 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O.
local
low complexity
insyde siemens CWE-119
7.2
2022-02-03 CVE-2021-41838 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O.
local
low complexity
insyde siemens CWE-119
7.2
2022-02-03 CVE-2021-42059 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20.
local
low complexity
insyde siemens CWE-787
7.2
2022-02-03 CVE-2021-42554 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51.
local
low complexity
insyde siemens CWE-787
7.2
2021-06-16 CVE-2020-27339 Improper Input Validation vulnerability in multiple products
In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory.
local
low complexity
insyde siemens CWE-20
7.2
2020-11-12 CVE-2020-0590 Improper Input Validation vulnerability in multiple products
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp siemens CWE-20
7.8