An issue exists in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
insyde insydeh2o |
||
netapp fas\\/aff bios - |
||
siemens ruggedcom_ape1808_firmware - |
||
siemens simatic_field_pg_m5_firmware - |
||
siemens simatic_ipc127e_firmware - |
||
siemens simatic_itp1000_firmware - |
||
siemens simatic_ipc277g_firmware - |
||
siemens simatic_ipc227g_firmware - |
||
siemens simatic_ipc327g_firmware - |
||
siemens simatic_ipc377g_firmware - |
||
siemens simatic_ipc427e_firmware - |
||
siemens simatic_ipc477e_firmware - |
||
siemens simatic_ipc477e_pro_firmware - |
||
siemens simatic_ipc627e_firmware - |
||
siemens simatic_ipc647e_firmware - |
||
siemens simatic_ipc677e_firmware - |
||
siemens simatic_ipc847e_firmware - |
||
siemens simatic_field_pg_m6_firmware - |
Vulmon