
Related vulnerabilities

WID-SEC-W-2023-0991

Vulnerability from csaf_certbund - Published: 2023-04-17 22:00 - Updated: 2023-04-17 22:00
Summary
Dell Computer: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das BIOS ist die Firmware bei IBM PC kompatiblen Computern. Dell Inc. ist ein Hersteller u. a. von Computern. InsydeH2O UEFI BIOS ist eine proprietäre, lizenzierte UEFI-BIOS-Firmware, die Intel und AMD basierte Computer unterstützt.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Dell Computer und Insyde UEFI Firmware ausnutzen, um Informationen offenzulegen und weitere nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme: - BIOS/Firmware

Es existiert eine Schwachstelle in Dell Computern und Insyde UEFI Firmware. SMI-Funktionen in AhciBusDxe verwenden nicht vertrauenswürdige Eingänge, was zur Beschädigung des SMRAM führt. Ein privilegierter Angreifer kann diese Schwachstelle ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.

Es existiert eine Schwachstelle in Dell Computern und Insyde UEFI Firmware. Das Festplattenpasswort wird im Klartext gespeichert. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.


{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das BIOS ist die Firmware bei IBM PC kompatiblen Computern.\r\nDell Inc. ist ein Hersteller u. a. von Computern.\r\nInsydeH2O UEFI BIOS ist eine propriet\u00e4re, lizenzierte UEFI-BIOS-Firmware, die Intel und AMD basierte Computer unterst\u00fctzt.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Dell Computer und Insyde UEFI Firmware ausnutzen, um Informationen offenzulegen und weitere nicht spezifizierte Auswirkungen zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0991 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0991.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0991 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0991"
      },
      {
        "category": "external",
        "summary": "Insyde Security Advisory",
        "url": "https://www.insyde.com/security-pledge/SA-2022059"
      },
      {
        "category": "external",
        "summary": "Insyde Security Advisory",
        "url": "https://www.insyde.com/security-pledge/SA-2022025"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory vom 2023-04-17",
        "url": "https://www.dell.com/support/kbdoc/de-de/000212207/dsa-2023-048-dell-client-platform-security-update-for-multiple-insyde-uefi-bios-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "Dell Computer: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-04-17T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:49:04.448+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-0991",
      "initial_release_date": "2023-04-17T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-04-17T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell BIOS",
            "product": {
              "name": "Dell BIOS",
              "product_id": "T016637",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:bios:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T006498",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Insyde UEFI Firmware",
            "product": {
              "name": "Insyde UEFI Firmware",
              "product_id": "T026842",
              "product_identification_helper": {
                "cpe": "cpe:/h:insyde:uefi:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Insyde"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-29276",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Dell Computern und Insyde UEFI Firmware. SMI-Funktionen in AhciBusDxe verwenden nicht vertrauensw\u00fcrdige Eing\u00e4nge, was zur Besch\u00e4digung des SMRAM f\u00fchrt. Ein privilegierter Angreifer kann diese Schwachstelle ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T016637",
          "T026842"
        ]
      },
      "release_date": "2023-04-17T22:00:00.000+00:00",
      "title": "CVE-2022-29276"
    },
    {
      "cve": "CVE-2021-38489",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Dell Computern und Insyde UEFI Firmware. Das Festplattenpasswort wird im Klartext gespeichert. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T016637",
          "T026842"
        ]
      },
      "release_date": "2023-04-17T22:00:00.000+00:00",
      "title": "CVE-2021-38489"
    }
  ]
}

GSD-2021-38489

Vulnerability from gsd - Updated: 2023-12-13 01:23
Details
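** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. (This GSD record is a placeholder only: the WID-SEC-W-2023-0991 advisory on this page describes CVE-2021-38489 as plaintext storage of the hard-disk password in Dell computers and Insyde UEFI firmware, and SSA-306654 lists the same CVE, so take impact and fix information from those vendor advisories rather than from this entry.)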
Aliases

{
  "GSD": {
    "alias": "CVE-2021-38489",
    "id": "GSD-2021-38489"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-38489"
      ],
      "id": "GSD-2021-38489",
      "modified": "2023-12-13T01:23:17.898790Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2021-38489",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

SSA-306654

Vulnerability from csaf_siemens - Published: 2022-02-22 00:00 - Updated: 2025-04-08 00:00
Summary
SSA-306654: Insyde BIOS Vulnerabilities in Siemens Industrial Products
Notes
Summary: Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
CWE-822 - Untrusted Pointer Dereference
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-269 - Improper Privilege Management
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-256 - Plaintext Storage of a Password
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-476 - NULL Pointer Dereference
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-770 - Allocation of Resources Without Limits or Throttling
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-787 - Out-of-bounds Write
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-20 - Improper Input Validation
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-20 - Improper Input Validation
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-787 - Out-of-bounds Write
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-20 - Improper Input Validation
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-787 - Out-of-bounds Write
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
None Available Currently no fix is available
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V25.02.15 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-400 - Uncontrolled Resource Consumption
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-787 - Out-of-bounds Write
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-787 - Out-of-bounds Write
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-787 - Out-of-bounds Write
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version
CWE-20 - Improper Input Validation
Mitigation As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code
Vendor Fix Update to V1.0.202N or later version
Vendor Fix Update to V21.01.17 or later version
Vendor Fix Update to V22.01.10 or later version
Vendor Fix Update to V23.01.10 or later version
Vendor Fix Update to V25.02.12 or later version
Vendor Fix Update to V26.01.13 or later version
Vendor Fix Update to V27.01.09 or later version
Vendor Fix Update to V28.01.04 or later version

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Insyde has published information on vulnerabilities in Insyde BIOS in \nFebruary 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities.\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-306654: Insyde BIOS Vulnerabilities in Siemens Industrial Products - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-306654.html"
      },
      {
        "category": "self",
        "summary": "SSA-306654: Insyde BIOS Vulnerabilities in Siemens Industrial Products - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-306654.json"
      }
    ],
    "title": "SSA-306654: Insyde BIOS Vulnerabilities in Siemens Industrial Products",
    "tracking": {
      "current_release_date": "2025-04-08T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-306654",
      "initial_release_date": "2022-02-22T00:00:00Z",
      "revision_history": [
        {
          "date": "2022-02-22T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2022-03-08T00:00:00Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Corrected AV:L for all CVEs, added RUGGEDCOM APE1808 and SIMATIC IPC477E PRO"
        },
        {
          "date": "2022-07-12T00:00:00Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2021-43613, CVE-2021-43614 and CVE-2021-38489, add fix for SIMATIC Field PG M6, SIMATIC ITP1000 for all CVEs except CVE-2021-43613"
        },
        {
          "date": "2022-08-09T00:00:00Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added fix for SIMATIC IPC227G, SIMATIC IPC277G, SIMATIC IPC327G, SIMATIC IPC377G, clarified affected versions for RUGGEDCOM APE1808"
        },
        {
          "date": "2022-10-11T00:00:00Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added partial fix for SIMATIC IPC427E, SIMATIC IPC477E, SIMATIC IPC477E Pro"
        },
        {
          "date": "2023-02-14T00:00:00Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added partial fix for SIMATIC IPC627E, SIMATIC IPC677E, SIMATIC IPC677E, and SIMATIC IPC847E"
        },
        {
          "date": "2023-07-11T00:00:00Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added fix SIMATIC Field PG M5"
        },
        {
          "date": "2023-08-08T00:00:00Z",
          "legacy_version": "1.7",
          "number": "8",
          "summary": "Removed fix for SIMATIC Field PG M6 as fix version was withdrawn"
        },
        {
          "date": "2023-11-14T00:00:00Z",
          "legacy_version": "1.8",
          "number": "9",
          "summary": "Added fix for SIMATIC IPC127E"
        },
        {
          "date": "2025-04-08T00:00:00Z",
          "legacy_version": "1.9",
          "number": "10",
          "summary": "Added fix for all CVE IDs for SIMATIC Field PG M6; Added fix for CVE-2021-43613 for SIMATIC IPC627E / IPC647E / IPC677E / IPC847E; Removed fix for CVE-2021-43613 for SIMATIC Field PG M5 as this CVE was not fixed in version V22.01.11; RUGGEDCOM APE1808 - BIOS: Removed CVE-2020-5953, CVE-2021-41840 and CVE-2021-43614 as not affected; added the link to the APE software upgrade tool to apply a BIOS version that fixes the other CVE IDs"
        }
      ],
      "status": "interim",
      "version": "10"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V1.0.202N",
                "product": {
                  "name": "RUGGEDCOM APE1808 - BIOS",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM APE1808 - BIOS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV22.01.10",
                "product": {
                  "name": "SIMATIC Field PG M5",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SIMATIC Field PG M5",
                  "product_id": "3"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC Field PG M5"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV26.01.13",
                "product": {
                  "name": "SIMATIC Field PG M6",
                  "product_id": "4"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC Field PG M6"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV27.01.09",
                "product": {
                  "name": "SIMATIC IPC127E",
                  "product_id": "5"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC127E"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV28.01.04",
                "product": {
                  "name": "SIMATIC IPC227G",
                  "product_id": "6"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC227G"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV28.01.04",
                "product": {
                  "name": "SIMATIC IPC277G",
                  "product_id": "7"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC277G"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV28.01.04",
                "product": {
                  "name": "SIMATIC IPC327G",
                  "product_id": "8"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC327G"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV28.01.04",
                "product": {
                  "name": "SIMATIC IPC377G",
                  "product_id": "9"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC377G"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV21.01.17",
                "product": {
                  "name": "SIMATIC IPC427E",
                  "product_id": "10"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SIMATIC IPC427E",
                  "product_id": "11"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC427E"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV21.01.17",
                "product": {
                  "name": "SIMATIC IPC477E",
                  "product_id": "12"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SIMATIC IPC477E",
                  "product_id": "13"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC477E"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV21.01.17",
                "product": {
                  "name": "SIMATIC IPC477E PRO",
                  "product_id": "14"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SIMATIC IPC477E PRO",
                  "product_id": "15"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC477E PRO"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV25.02.12",
                "product": {
                  "name": "SIMATIC IPC627E",
                  "product_id": "16"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV25.02.15",
                "product": {
                  "name": "SIMATIC IPC627E",
                  "product_id": "17"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC627E"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV25.02.12",
                "product": {
                  "name": "SIMATIC IPC647E",
                  "product_id": "18"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV25.02.15",
                "product": {
                  "name": "SIMATIC IPC647E",
                  "product_id": "19"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC647E"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV25.02.12",
                "product": {
                  "name": "SIMATIC IPC677E",
                  "product_id": "20"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV25.02.15",
                "product": {
                  "name": "SIMATIC IPC677E",
                  "product_id": "21"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC677E"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV25.02.12",
                "product": {
                  "name": "SIMATIC IPC847E",
                  "product_id": "22"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV25.02.15",
                "product": {
                  "name": "SIMATIC IPC847E",
                  "product_id": "23"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IPC847E"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV23.01.10",
                "product": {
                  "name": "SIMATIC ITP1000",
                  "product_id": "24"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SIMATIC ITP1000",
                  "product_id": "25"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ITP1000"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV28.01.04",
                "product": {
                  "name": "SIMATIC\u00a0IPC277G PRO",
                  "product_id": "26"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC\u00a0IPC277G PRO"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV21.01.17",
                "product": {
                  "name": "SIPLUS IPC427E",
                  "product_id": "27"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SIPLUS IPC427E",
                  "product_id": "28"
                }
              }
            ],
            "category": "product_name",
            "name": "SIPLUS IPC427E"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-5953",
      "cwe": {
        "id": "CWE-822",
        "name": "Untrusted Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists in the System Management Interrupt (SWSMI) handler of the InsydeH2O UEFI firmware: the handler dereferences the gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM (escalating privilege from ring 0 to ring -2).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code.",
          "product_ids": [
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2020-5953"
    },
    {
      "cve": "CVE-2020-27339",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and SdMmcDeviceDxe drivers are 05.16.25, 05.26.25, 05.35.25, 05.43.25, and 05.51.25 (for Kernel 5.1 through 5.5).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code.",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2020-27339"
    },
    {
      "cve": "CVE-2021-33625",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code.",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-33625"
    },
    {
      "cve": "CVE-2021-33626",
      "cwe": {
        "id": "CWE-829",
        "name": "Inclusion of Functionality from Untrusted Control Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the PnpSmm, SmmResourceCheckDxe, and BeepStatusCode drivers are 05.08.23, 05.16.23, 05.26.23, 05.35.23, 05.43.23, and 05.51.23 (for Kernel 5.0 through 5.5).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code.",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-33626"
    },
    {
      "cve": "CVE-2021-33627",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Insyde InsydeH2O 5.x, affecting FwBlockServiceSmm. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code.",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-33627"
    },
    {
      "cve": "CVE-2021-38489",
      "cwe": {
        "id": "CWE-256",
        "name": "Plaintext Storage of a Password"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in the HddPasswordPei driver of Insyde InsydeH2O 5.x. The HDD password is stored in plaintext.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code.",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-38489"
    },
    {
      "cve": "CVE-2021-41837",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-41837"
    },
    {
      "cve": "CVE-2021-41838",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimum Check.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-41838"
    },
    {
      "cve": "CVE-2021-41839",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-41839"
    },
    {
      "cve": "CVE-2021-41840",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control Sphere.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-41840"
    },
    {
      "cve": "CVE-2021-41841",
      "cwe": {
        "id": "CWE-829",
        "name": "Inclusion of Functionality from Untrusted Control Sphere"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control Sphere.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-41841"
    },
    {
      "cve": "CVE-2021-42059",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. A stack-based buffer overflow leads toarbitrary code execution in UEFI DisplayTypeDxe DXE driver.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-42059"
    },
    {
      "cve": "CVE-2021-42060",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Insyde InsydeH2O Kernel 5.0 through 05.08.41, Kernel 5.1 through 05.16.41, Kernel 5.2 before 05.23.22, and Kernel 5.3 before 05.32.22. An Int15ServiceSmm SMM callout vulnerability allows an attacker to hijack execution flow of code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-42060"
    },
    {
      "cve": "CVE-2021-42113",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in StorageSecurityCommandDxe in Insyde InsydeH2O with Kernel 5.1 before 05.14.28, Kernel 5.2 before 05.24.28, and Kernel 5.3 before 05.32.25. An SMM callout vulnerability allows an attacker to hijack execution flow of code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-42113"
    },
    {
      "cve": "CVE-2021-42554",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. An SMM memory corruption vulnerability in FvbServicesRuntimeDxe allows a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-42554"
    },
    {
      "cve": "CVE-2021-43323",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 before 05.51.45, 5.4 before 05.43.45, 5.3 before 05.35.45, 5.2 before 05.26.45, 5.1 before 05.16.45, and 5.0 before 05.08.45. An SMM callout vulnerability allows an attacker to hijack execution flow of code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-43323"
    },
    {
      "cve": "CVE-2021-43522",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 2021-11-08, 5.2 through 2021-11-08, and 5.3 through 2021-11-08. A StorageSecurityCommandDxe SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-43522"
    },
    {
      "cve": "CVE-2021-43613",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Insyde InsydeH2O 5.x, affecting SysPasswordDxe that exposes user and administrator password hashes in runtime UEFI variables, leading to escalation of privilege.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "3",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "11",
          "13",
          "15",
          "17",
          "19",
          "21",
          "23",
          "25",
          "28"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "3",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "11",
            "13",
            "15",
            "17",
            "19",
            "21",
            "23",
            "25",
            "28"
          ]
        },
        {
          "category": "none_available",
          "details": "Currently no fix is available",
          "product_ids": [
            "3",
            "11",
            "13",
            "15",
            "25",
            "28"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.15 or later version",
          "product_ids": [
            "17",
            "19",
            "21",
            "23"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "3",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "11",
            "13",
            "15",
            "17",
            "19",
            "21",
            "23",
            "25",
            "28"
          ]
        }
      ],
      "title": "CVE-2021-43613"
    },
    {
      "cve": "CVE-2021-43614",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Error in handling the PlatformLangCodes UEFI variable in the VariableEditSmm driver could cause a buffer overflow, leading to resource exhaustion and failure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-43614"
    },
    {
      "cve": "CVE-2021-43615",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in HddPassword in Insyde InsydeH2O with kernel 5.1 before 05.16.23, 5.2 before 05.26.23, 5.3 before 05.35.23, 5.4 before 05.43.22, and 5.5 before 05.51.22. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-43615"
    },
    {
      "cve": "CVE-2021-45969",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the CommBuffer+8 location).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-45969"
    },
    {
      "cve": "CVE-2021-45970",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the status code saved at the CommBuffer+4 location).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-45970"
    },
    {
      "cve": "CVE-2021-45971",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (CommBufferData).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run\nuntrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2021-45971"
    },
    {
      "cve": "CVE-2022-24030",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code.",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2022-24030"
    },
    {
      "cve": "CVE-2022-24031",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in NvmExpressDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code.",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2022-24031"
    },
    {
      "cve": "CVE-2022-24069",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. An SMM callout vulnerability allows an attacker to hijack the execution flow of code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "4",
          "5",
          "6",
          "7",
          "26",
          "8",
          "9",
          "10",
          "12",
          "14",
          "16",
          "18",
          "20",
          "22",
          "24",
          "27"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code.",
          "product_ids": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V1.0.202N or later version",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V21.01.17 or later version",
          "product_ids": [
            "10",
            "12",
            "14",
            "27"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V22.01.10 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V23.01.10 or later version",
          "product_ids": [
            "24"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V25.02.12 or later version",
          "product_ids": [
            "16",
            "18",
            "20",
            "22"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V26.01.13 or later version",
          "product_ids": [
            "4"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V27.01.09 or later version",
          "product_ids": [
            "5"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V28.01.04 or later version",
          "product_ids": [
            "6",
            "7",
            "26",
            "8",
            "9"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "4",
            "5",
            "6",
            "7",
            "26",
            "8",
            "9",
            "10",
            "12",
            "14",
            "16",
            "18",
            "20",
            "22",
            "24",
            "27"
          ]
        }
      ],
      "title": "CVE-2022-24069"
    }
  ]
}