An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses.
References
| Link | Resource |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf | Third Party Advisory |
| https://security.netapp.com/advisory/ntap-20220222-0004/ | Third Party Advisory |
| https://www.insyde.com/security-pledge | Vendor Advisory |
| https://www.insyde.com/security-pledge/SA-2022014 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
| AND |
|
Configuration 16 (hide)
| AND |
|
Configuration 17 (hide)
| AND |
|
Configuration 18 (hide)
| AND |
|
Configuration 19 (hide)
| AND |
|
Configuration 20 (hide)
| AND |
|
Configuration 21 (hide)
| AND |
|
Configuration 22 (hide)
| AND |
|
History
12 Apr 2022, 18:17
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc127e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc127e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc227g_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc847e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:fas\/aff_bios:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc327g_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc627e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc377g_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc427e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc277g_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc477e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itp1000_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_ape1808:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc227g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc327g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc377g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc277g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc677e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc647e_firmware:-:*:*:*:*:*:*:* |
|
| References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220222-0004/ - Third Party Advisory | |
| References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf - Third Party Advisory |
24 Feb 2022, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
09 Feb 2022, 19:36
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://www.insyde.com/security-pledge/SA-2022014 - Vendor Advisory | |
| References | (MISC) https://www.insyde.com/security-pledge - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 7.5 |
| CPE | cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:* | |
| CWE | CWE-119 |
08 Feb 2022, 19:15
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses. | |
| References |
|
03 Feb 2022, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-02-03 02:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-33625
Mitre link : CVE-2021-33625
CVE.ORG link : CVE-2021-33625
JSON object : View
Products Affected
siemens
- ruggedcom_ape1808_firmware
- simatic_ipc227g
- simatic_field_pg_m6_firmware
- simatic_ipc647e_firmware
- simatic_ipc477e_pro_firmware
- simatic_ipc227g_firmware
- simatic_ipc327g_firmware
- simatic_ipc847e
- simatic_ipc377g_firmware
- simatic_itp1000
- simatic_ipc377g
- simatic_ipc477e_pro
- simatic_ipc477e
- simatic_ipc647e
- simatic_ipc277g
- ruggedcom_ape1808
- simatic_ipc327g
- simatic_ipc627e
- simatic_ipc847e_firmware
- simatic_field_pg_m5_firmware
- simatic_ipc427e
- simatic_itp1000_firmware
- simatic_ipc627e_firmware
- simatic_ipc127e_firmware
- simatic_field_pg_m5
- simatic_ipc427e_firmware
- simatic_ipc477e_firmware
- simatic_field_pg_m6
- simatic_ipc677e_firmware
- simatic_ipc677e
- simatic_ipc127e
- simatic_ipc277g_firmware
netapp
- fas\/aff_bios
insyde
- insydeh2o
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer