CVE-2020-27339

MEDIUM Year: 2020
CVSS v3 Score
6.7
Medium
CVSS v2 Score
7.2
High
Weakness Type
CWE-20
View all →

Vulnerability Description

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and SdMmcDeviceDxe drivers are 05.16.25, 05.26.25, 05.35.25, 05.43.25, and 05.51.25 (for Kernel 5.1 through 5.5).

Related Vulnerabilities

CVE-2017-12255

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entere...

CWE-202017

CVE-2017-12301

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and gain unauthorized access to the underlying operat...

CWE-202017

CVE-2017-12312

MEDIUM
CVSS:6.7(Medium)

An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a loc...

CWE-202017

CVE-2017-12334

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to ...

CWE-202017

CVE-2017-15651

MEDIUM
CVSS:6.7(Medium)

PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message.

CWE-202017

CVE-2017-18452

MEDIUM
CVSS:6.7(Medium)

cPanel before 64.0.21 allows code execution via Rails configuration files (SEC-259).

CWE-202017