A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM (escalating privilege from ring 0 to ring -2).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
insyde insydeh2o 5.12.09.0074 |
||
insyde insydeh2o 5.23.04.0045 |
||
insyde insydeh2o 5.23.45.0023 |
||
insyde insydeh2o 5.33.15.0034 |
||
insyde insydeh2o 5.34.03.0029 |
||
insyde insydeh2o 5.42.03.0010 |
||
siemens ruggedcom_ape1808_firmware - |
||
siemens simatic_field_pg_m6_firmware - |
||
siemens simatic_ipc127e_firmware - |
||
siemens simatic_ipc227g_firmware - |
||
siemens simatic_ipc277g_firmware - |
||
siemens simatic_itp1000_firmware - |
||
siemens simatic_ipc477e_pro_firmware - |
||
siemens simatic_ipc627e_firmware - |
||
siemens simatic_ipc647e_firmware - |
||
siemens simatic_ipc677e_firmware - |
||
siemens simatic_ipc847e_firmware - |
||
siemens simatic_ipc327g_firmware - |
||
siemens simatic_ipc377g_firmware - |
||
siemens simatic_ipc427e_firmware - |
||
siemens simatic_ipc477e_firmware - |
||
siemens simatic_field_pg_m5_firmware - |