Siemens Simatic Ipc847e Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Siemens Simatic Ipc847e Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2021-33627 — CVSS 8.2 (high): An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4…
CVE-2021-42554 — CVSS 8.2 (high): An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel…
CVE-2021-41838 — CVSS 8.2 (high): An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker…
CVE-2021-41837 — CVSS 8.2 (high): An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that…
CVE-2021-33626 — CVSS 7.8 (high): A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate…
CVE-2020-0590 — CVSS 7.8 (high): Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of…
CVE-2021-33625 — CVSS 7.5 (high): An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function…
CVE-2020-5953 — CVSS 7.5 (high): A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that…
CVE-2020-8745 — CVSS 6.8 (medium): Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40…
CVE-2020-8703 — CVSS 6.7 (medium): Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17…
CVE-2020-12357 — CVSS 6.7 (medium): Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of…
CVE-2020-27339 — CVSS 6.7 (medium): In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters…
CVE-2021-42059 — CVSS 6.7 (medium): An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3…
CVE-2020-8670 — CVSS 6.4 (medium): Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via…
CVE-2020-8704 — CVSS 6.4 (medium): Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation…
CVE-2020-0543 — CVSS 5.5 (medium): Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to…
CVE-2020-8698 — CVSS 5.5 (medium): Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information…
CVE-2020-24507 — CVSS 4.4 (medium): Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17…
CVE-2020-24506 — CVSS 4.4 (medium): Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a…