https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf No Types Assigned

https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf Third Party Advisory

https://security.netapp.com/advisory/ntap-20220216-0010/ No Types Assigned

https://security.netapp.com/advisory/ntap-20220216-0010/ Third Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf [No Types Assigned]

https://security.netapp.com/advisory/ntap-20220216-0010/ [No Types Assigned]

NIST (AV:L/AC:L/Au:N/C:C/I:C/A:C)

NIST (AV:N/AC:L/Au:N/C:P/I:P/A:P)

NIST AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NIST CWE-787

NIST NVD-CWE-noinfo

https://www.insyde.com/security-pledge/SA-2022013 No Types Assigned

https://www.insyde.com/security-pledge/SA-2022013 Vendor Advisory

SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.

An issue was discovered in HddPassword in Insyde InsydeH2O with kernel 5.1 before 05.16.23, 5.2 before 05.26.23, 5.3 before 05.35.23, 5.4 before 05.43.22, and 5.5 before 05.51.22. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

https://www.insyde.com/security-pledge/SA-2022013 [No Types Assigned]

OR
     *cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:* versions from (including) 5.1 up to (excluding) 5.16.23

OR
     *cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:* versions from (including) 5.2 up to (excluding) 5.23.22

OR
     *cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:* versions from (including) 5.3 up to (excluding) 5.32.22

NIST (AV:N/AC:L/Au:N/C:P/I:P/A:P)

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NIST NVD-CWE-noinfo

https://www.insyde.com/security-pledge No Types Assigned

https://www.insyde.com/security-pledge Vendor Advisory