A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM (escalating privilege from ring 0 to ring -2).
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20220222-0005/ | Third Party Advisory |
https://www.insyde.com/products | Product Vendor Advisory |
https://www.insyde.com/security-pledge | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
History
12 Apr 2022, 18:17
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220222-0005/ - Third Party Advisory | |
CPE | cpe:2.3:o:siemens:simatic_ipc847e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc277g:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc327g_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc477e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itp1000_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc677e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc627e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc327g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc127e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc647e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc377g_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc277g_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_ape1808:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc427e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc127e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc227g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_ipc377g:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_ipc227g_firmware:-:*:*:*:*:*:*:* |
|
First Time |
Siemens simatic Ipc627e Firmware
Siemens ruggedcom Ape1808 Siemens Siemens ruggedcom Ape1808 Firmware Siemens simatic Ipc377g Firmware Siemens simatic Ipc127e Firmware Siemens simatic Ipc277g Siemens simatic Ipc277g Firmware Siemens simatic Ipc327g Firmware Siemens simatic Ipc477e Firmware Siemens simatic Ipc847e Firmware Siemens simatic Itp1000 Siemens simatic Ipc227g Firmware Siemens simatic Field Pg M5 Firmware Siemens simatic Field Pg M5 Siemens simatic Ipc427e Siemens simatic Ipc677e Firmware Siemens simatic Ipc647e Firmware Siemens simatic Ipc327g Siemens simatic Ipc627e Siemens simatic Ipc677e Siemens simatic Ipc847e Siemens simatic Ipc477e Pro Siemens simatic Ipc427e Firmware Siemens simatic Ipc377g Siemens simatic Field Pg M6 Firmware Siemens simatic Ipc127e Siemens simatic Ipc477e Siemens simatic Ipc647e Siemens simatic Field Pg M6 Siemens simatic Ipc477e Pro Firmware Siemens simatic Ipc227g Siemens simatic Itp1000 Firmware |
24 Feb 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Feb 2022, 20:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:insyde:insydeh2o:5.34.03.0029:*:*:*:*:*:*:* cpe:2.3:a:insyde:insydeh2o:5.33.15.0034:*:*:*:*:*:*:* cpe:2.3:a:insyde:insydeh2o:5.12.09.0074:*:*:*:*:*:*:* cpe:2.3:a:insyde:insydeh2o:5.23.04.0045:*:*:*:*:*:*:* cpe:2.3:a:insyde:insydeh2o:5.23.45.0023:*:*:*:*:*:*:* cpe:2.3:a:insyde:insydeh2o:5.42.03.0010:*:*:*:*:*:*:* |
|
References | (MISC) https://www.insyde.com/security-pledge - Vendor Advisory | |
References | (MISC) https://www.insyde.com/products - Product, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 7.5 |
First Time |
Insyde
Insyde insydeh2o |
|
CWE | NVD-CWE-noinfo |
03 Feb 2022, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-03 01:15
Updated : 2023-12-10 14:09
NVD link : CVE-2020-5953
Mitre link : CVE-2020-5953
CVE.ORG link : CVE-2020-5953
JSON object : View
Products Affected
siemens
- simatic_ipc847e_firmware
- simatic_ipc677e_firmware
- simatic_ipc627e
- simatic_ipc427e_firmware
- ruggedcom_ape1808_firmware
- simatic_ipc227g_firmware
- simatic_field_pg_m5_firmware
- simatic_itp1000_firmware
- simatic_ipc277g
- simatic_itp1000
- simatic_field_pg_m5
- simatic_ipc477e
- simatic_ipc627e_firmware
- simatic_ipc327g_firmware
- simatic_ipc277g_firmware
- simatic_ipc847e
- simatic_ipc377g
- simatic_ipc477e_firmware
- simatic_field_pg_m6_firmware
- simatic_ipc377g_firmware
- ruggedcom_ape1808
- simatic_ipc647e_firmware
- simatic_field_pg_m6
- simatic_ipc127e_firmware
- simatic_ipc127e
- simatic_ipc477e_pro_firmware
- simatic_ipc327g
- simatic_ipc427e
- simatic_ipc647e
- simatic_ipc227g
- simatic_ipc477e_pro
- simatic_ipc677e
insyde
- insydeh2o
CWE