Lucene search

[email protected]CVE-2020-27339

HistoryJun 16, 2021 - 4:15 p.m.

CVE-2020-27339

2021-06-1616:15:07

CWE-20

[email protected]

web.nvd.nist.gov

cve-2020-27339

insyde insydeh2o

smm drivers

firmware corruption

os memory corruption

parameter validation

05.16.25

05.26.25

05.35.25

05.43.25

05.51.25

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and SdMmcDeviceDxe drivers are 05.16.25, 05.26.25, 05.35.25, 05.43.25, and 05.51.25 (for Kernel 5.1 through 5.5).

Affected configurations

NVD

Node

insydeinsydeh2oRange5.3–5.34.44

Node

insydeinsydeh2oRange5.2–5.25.44

Node

insydeinsydeh2oRange5.1–5.16.25

Node

insydeinsydeh2oRange5.4–5.42.44

Node

insydeinsydeh2oRange5.3–5.35.25

Node

insydeinsydeh2oRange5.2–5.26.25

Node

insydeinsydeh2oRange5.4–5.43.25

Node

siemensruggedcom_apr1808_firmwareMatch-

AND

siemensruggedcom_apr1808Match-

Node

siemenssimatic_field_pg_m5_firmwareMatch-

AND

siemenssimatic_field_pg_m5Match-

Node

siemenssimatic_field_pg_m6_firmwareMatch-

AND

siemenssimatic_field_pg_m6Match-

Node

siemenssimatic_ipc127e_firmwareMatch-

AND

siemenssimatic_ipc127eMatch-

Node

siemenssimatic_ipc227g_firmwareMatch-

AND

siemenssimatic_ipc227gMatch-

Node

siemenssimatic_ipc277g_firmwareMatch-

AND

siemenssimatic_ipc277gMatch-

Node

siemenssimatic_ipc327g_firmwareMatch-

AND

siemenssimatic_ipc327gMatch-

Node

siemenssimatic_ipc377g_firmwareMatch-

AND

siemenssimatic_ipc377gMatch-

Node

siemenssimatic_ipc427e_firmwareMatch-

AND

siemenssimatic_ipc427eMatch-

Node

siemenssimatic_ipc477e_firmwareMatch-

AND

siemenssimatic_ipc477eMatch-

Node

siemenssimatic_ipc477e_pro_firmwareMatch-

AND

siemenssimatic_ipc477e_proMatch-

Node

siemenssimatic_ipc627e_firmwareMatch-

AND

siemenssimatic_ipc627eMatch-

Node

siemenssimatic_ipc647e_firmwareMatch-

AND

siemenssimatic_ipc647eMatch-

Node

siemenssimatic_ipc677e_firmwareMatch-

AND

siemenssimatic_ipc677eMatch-

Node

siemenssimatic_ipc847e_firmwareMatch-

AND

siemenssimatic_ipc847eMatch-

Node

siemenssimatic_itp1000_firmwareMatch-

AND

siemenssimatic_itp1000Match-

CPENameOperatorVersion
insyde:insydeh2oinsyde insydeh2olt5.34.44

CPE	Name	Operator	Version
insyde:insydeh2o	insyde insydeh2o	lt	5.34.44

References

cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf

security.netapp.com/advisory/ntap-20220216-0005/

www.insyde.com/security-pledge/SA-2021001

Social References

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2020-27339

nessus1 cnvd1 nvd2 cvelist1 prion1 cve1 cert1 f51