CVE-2021-41840 in InsydeH2Oinfo

Zusammenfassung (Englisch)

An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control Sphere.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservieren

01.10.2021

Veröffentlichung

03.02.2022

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
192155	Insyde InsydeH2O SMM Pufferüberlauf	119	Nicht definiert	Offizieller Fix	CVE-2021-41840

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

MITRE
NVD
CVE Details

◂ ZurückÜbersichtWeiter ▸

Interested in the pricing of exploits?

See the underground prices here!