CVE-2021-33627

{"id": "CVE-2021-33627", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.5}]}, "published": "2022-02-03T02:15:06.983", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20220222-0002/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.insyde.com/security-pledge", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.insyde.com/security-pledge/SA-2022022", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses."}, {"lang": "es", "value": "Se ha descubierto un problema en InsydeH2O versi\u00f3n 5.x, que afecta a FwBlockServiceSmm. Los servicios SMI de software que utilizan la funci\u00f3n Communicate() del EFI_SMM_COMMUNICATION_PROTOCOL no comprueban si la direcci\u00f3n del b\u00fafer es v\u00e1lida, lo que permite el uso de direcciones SMRAM, MMIO o del n\u00facleo del SO"}], "lastModified": "2024-07-22T17:15:02.883", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95221F93-8BE6-47E3-BFB4-E7603C320F0D", "versionEndExcluding": "5.08.29", "versionStartIncluding": "5.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D26CDAE4-0D04-4EB2-8A8C-CDEBDF8BA38C", "versionEndExcluding": "5.16.29", "versionStartIncluding": "5.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0546FD8-0648-46EB-893F-411F869077E5", "versionEndExcluding": "5.26.29", "versionStartIncluding": "5.2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89966555-5DD1-4C61-B3B2-7AF7AF7D24D9", "versionEndExcluding": "5.35.29", "versionStartIncluding": "5.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "506DEE00-30D2-4E29-9645-757EB8778C0F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "324ADC7E-AECD-4B7D-8571-5399542C2BF6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8F3C3E60-7C36-4F5D-B454-97C9D0FD9459"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "480C5657-5C05-40F5-B76A-E67119727ED8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc127e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F63C0B17-60E2-4240-92FD-4B7C7D8F2C8B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc127e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AEB5AD1-3973-4150-BEA2-C9DE0B98222F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc227g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0D1E85AC-1305-4C5E-AD8B-39B2654F6057"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc227g_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3F52F29-0ACF-4ECC-927A-0CB27399E5D9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc277g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "320F5752-86B3-4C08-89D0-02272753A6D0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc277g_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F203C449-2B5C-47A1-BF3D-8DCFD29F0B18"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc327g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EC7303D1-CC95-42C7-B843-C3B3B3336669"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc327g_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A37FB5EC-BB64-472C-81FC-8EEF238E3C12"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc377g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FDD6F034-BC50-4223-AE5D-319F04C866A8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc377g_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45013BCA-3897-4D58-81FA-D8CB9D19268C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6422BF3-01B7-443B-BD2B-80E45D7C3F5F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A40D0CDB-7BE6-491F-B730-3B4E10CA159A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "696F47E6-C1CA-4A58-A91F-4B3EA92954AF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FDF9D4C3-1892-48FA-95B4-835B636A4005"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F712060C-ECDB-4BC7-B9B9-468B41DE615B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9D9AF082-8345-4BE1-B1FC-6E0316BB833B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D511C170-65E5-416D-B7CE-557A503F25AE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E430C4C5-D887-47C6-B50F-66EEE9519151"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "577C19F5-82ED-46DF-91CC-A074DE99EBDD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F9FA42D-B2F0-456F-89B7-6A5789787FBA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEF4592C-5DB3-45F4-B354-59701BBA0C08"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1157418C-14C4-43C4-B63E-7E98D868A94F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87F0538B-ED6E-40C7-9C2A-4C5DC3D2935E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "187C6D51-5B86-484D-AE0F-26D1C9465580"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}