Unsafe pointer vulnerability in Dell InsydeH2O UEFI Firmware - CVE-2021-41838ID: oval:org.secpod.oval:def:77812 | Date: (C)2022-02-18 (M)2023-05-14 |
Class: VULNERABILITY | Family: windows |
An unsafe pointer vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler. An attacker can use this unsafe pointer "ptr" to read or write or manipulate data in the SMRAM. Exploitation of this vulnerability can lead to escalation of privileges reserved only for SMM using the SwSMI handler.
Platform: |
Microsoft Windows 10 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 7 |
Microsoft Windows Server |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |