Published: 03/02/2022 Updated: 18/04/2022

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

An issue exists in Insyde InsydeH2O Kernel 5.0 prior to 05.08.41, Kernel 5.1 prior to 05.16.41, Kernel 5.2 prior to 05.26.41, Kernel 5.3 prior to 05.35.41, and Kernel 5.4 prior to 05.42.20. A stack-based buffer overflow leads toarbitrary code execution in UEFI DisplayTypeDxe DXE driver.

Vulnerable Product	Search on Vulmon	Subscribe to Product
insyde insydeh2o
siemens simatic field pg m5 firmware
siemens simatic field pg m6 firmware
siemens simatic ipc127e firmware
siemens simatic ipc227g firmware
siemens simatic ipc277g firmware
siemens simatic ipc327g firmware
siemens simatic ipc377g firmware
siemens simatic ipc427e firmware
siemens simatic ipc477e firmware
siemens simatic ipc627e firmware
siemens simatic ipc647e firmware
siemens simatic ipc677e firmware
siemens simatic ipc847e firmware
siemens simatic itp1000 firmware

CWE-787 https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2022006 https://security.netapp.com/advisory/ntap-20220216-0008/https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf https://nvd.nist.gov https://www.kb.cert.org/vuls/id/796611

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-42059

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect