An issue exists in Insyde InsydeH2O 5.x, affecting FwBlockServiceSmm. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
insyde insydeh2o |
||
siemens simatic_field_pg_m5_firmware |
||
siemens simatic_field_pg_m6_firmware |
||
siemens simatic_ipc127e_firmware |
||
siemens simatic_ipc227g_firmware |
||
siemens simatic_ipc277g_firmware |
||
siemens simatic_ipc327g_firmware |
||
siemens simatic_ipc377g_firmware |
||
siemens simatic_ipc427e_firmware |
||
siemens simatic_ipc477e_firmware |
||
siemens simatic_ipc627e_firmware |
||
siemens simatic_ipc647e_firmware |
||
siemens simatic_ipc677e_firmware |
||
siemens simatic_ipc847e_firmware |
||
siemens simatic_itp1000_firmware |