Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 05/01/2022 Updated: 29/03/2022

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.2 | Impact Score: 6 | Exploitability Score: 1.5

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

An issue exists in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 prior to 05.16.25, 5.2 prior to 05.26.25, 5.3 prior to 05.35.25, 5.4 prior to 05.43.25, and 5.5 prior to 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the CommBuffer+8 location).

Vulnerable Product	Search on Vulmon	Subscribe to Product
insyde insydeh2o

CWE-787 https://www.insyde.com/security-pledge https://security.netapp.com/advisory/ntap-20220216-0004/https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf https://nvd.nist.gov https://www.kb.cert.org/vuls/id/796611

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-45969

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect