CVE-2020-5953

HIGH Year: 2020
CVSS v3 Score
7.5
High
CVSS v2 Score
6.9
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM (escalating privilege from ring 0 to ring -2).

Related Vulnerabilities

CVE-1999-0236

HIGH
CVSS:7.5(High)

ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.

NVD-CWE-Other1999

CVE-2003-1604

HIGH
CVSS:7.5(High)

The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending p...

NVD-CWE-Other2003

CVE-2007-3816

HIGH
CVSS:7.5(High)

JWIG might allow context-dependent attackers to cause a denial of service (service degradation) via loops of references to external templates. NOTE: this issue has been disputed by multiple third part...

NVD-CWE-Other2007

CVE-2010-3035

HIGH
CVSS:7.5(High)

Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a cra...

NVD-CWE-Other2010

CVE-2011-2699

HIGH
CVSS:7.5(High)

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of...

NVD-CWE-Other2011

CVE-2011-4115

HIGH
CVSS:7.5(High)

Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files.

NVD-CWE-Other2011