Simatic Ipc477e Pro Firmware Security Vulnerabilities and Issues — Simatic Ipc477e Pro Firmware CVE List

Lucene search

SiemensSimatic Ipc477e Pro Firmware

12 matches found

CVE•added 2020/06/15 2:15 p.m.•939 views

CVE-2020-0543

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS6.3AI score0.00533EPSS

CVE•added 2018/05/22 12:29 p.m.•725 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...

5.5CVSS5.9AI score0.46737EPSS

CVE•added 2020/11/12 6:15 p.m.•304 views

CVE-2020-8698

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS5.6AI score0.00065EPSS

CVE•added 2021/06/09 7:15 p.m.•95 views

CVE-2020-12357

Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

6.7CVSS7AI score0.00098EPSS

CVE•added 2022/02/03 1:15 a.m.•83 views

CVE-2020-5953

A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM (escalating ...

7.5CVSS7.8AI score0.0021EPSS

CVE•added 2021/10/01 3:15 a.m.•81 views

CVE-2021-33626

A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execut...

7.8CVSS8AI score0.00081EPSS

CVE•added 2021/06/16 4:15 p.m.•76 views

CVE-2020-27339

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and S...

7.2CVSS6.6AI score0.00049EPSS

CVE•added 2021/06/09 7:15 p.m.•76 views

CVE-2020-8670

Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

6.4CVSS6.8AI score0.00053EPSS

CVE•added 2022/02/03 2:15 a.m.•74 views

CVE-2021-33625

An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses.

7.5CVSS7.6AI score0.00066EPSS

CVE•added 2021/06/09 7:15 p.m.•66 views

CVE-2020-24507

Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.

4.4CVSS4.6AI score0.00095EPSS

CVE•added 2021/06/09 7:15 p.m.•53 views

CVE-2020-8703

Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.

6.7CVSS6.6AI score0.00066EPSS

CVE•added 2021/06/09 7:15 p.m.•53 views

CVE-2020-8704

Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.

6.4CVSS6.3AI score0.00116EPSS