CVE-2021-33625 in Insyde and NetApp Products
Published on February 3, 2022

An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses.

NVD

Products Associated with CVE-2021-33625

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-33625 are published in these products:

Insydeh2o

NetApp Fasaff Bios

Exploit Probability

EPSS

0.06%

Percentile

19.50%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-33625 in Insyde and NetApp ProductsPublished on February 3, 2022

Products Associated with CVE-2021-33625

Exploit Probability

CVE-2021-33625 in Insyde and NetApp Products
Published on February 3, 2022