CVE-2020-5953

First published: Thu Feb 03 2022(Updated: )

A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM (escalating privilege from ring 0 to ring -2).

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/references
• agent/author
• agent/severity
• agent/tags
• agent/type
• agent/event
• agent/description
• agent/softwarecombine
• agent/first-publish-date
• agent/last-modified-date
• collector/mitre-cve
• source/MITRE
• vendor/insyde
• canonical/insyde insydeh2o
• version/insyde insydeh2o/5.12.09.0074
• version/insyde insydeh2o/5.23.04.0045
• version/insyde insydeh2o/5.23.45.0023
• version/insyde insydeh2o/5.33.15.0034
• version/insyde insydeh2o/5.34.03.0029
• version/insyde insydeh2o/5.42.03.0010
• vendor/siemens
• canonical/siemens ruggedcom ape1808 firmware
• canonical/siemens ruggedcom ape1808
• canonical/siemens simatic field pg m6 firmware
• canonical/siemens simatic field pg m6
• canonical/siemens simatic ipc127e firmware
• canonical/siemens simatic ipc127e
• canonical/siemens simatic ipc227g firmware
• canonical/siemens simatic ipc227g
• canonical/siemens simatic ipc277g firmware
• canonical/siemens simatic ipc277g
• canonical/siemens simatic itp1000 firmware
• canonical/siemens simatic itp1000
• canonical/siemens simatic ipc477e pro firmware
• canonical/siemens simatic ipc477e pro
• canonical/siemens simatic ipc627e firmware
• canonical/siemens simatic ipc627e
• canonical/siemens simatic ipc647e firmware
• canonical/siemens simatic ipc647e
• canonical/siemens simatic ipc677e firmware
• canonical/siemens simatic ipc677e
• canonical/siemens simatic ipc847e firmware
• canonical/siemens simatic ipc847e
• canonical/siemens simatic ipc327g firmware
• canonical/siemens simatic ipc327g
• canonical/siemens simatic ipc377g firmware
• canonical/siemens simatic ipc377g
• canonical/siemens simatic ipc427e firmware
• canonical/siemens simatic ipc427e
• canonical/siemens simatic ipc477e firmware
• canonical/siemens simatic ipc477e
• canonical/siemens simatic field pg m5 firmware
• canonical/siemens simatic field pg m5