Simatic_ipc427e_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Simatic_ipc427e_firmware
(Siemens)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	23

Date	Id	Summary	Products	Score	Patch	Annotated
2018-09-12	CVE-2018-3658	Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.	Active_management_technology_firmware, Converged_security_management_engine_firmware, Manageability_engine_firmware, Simatic_field_pg_m5_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc547e_firmware, Simatic_ipc627d_firmware, Simatic_ipc647d_firmware, Simatic_ipc677d_firmware, Simatic_ipc827d_firmware, Simatic_ipc847d_firmware, Simatic_itp1000_firmware, Simatic_pc547g_firmware	5.3
2018-09-12	CVE-2018-3616	Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.	Active_management_technology_firmware, Converged_security_management_engine_firmware, Manageability_engine_firmware, Simatic_field_pg_m5_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc547e_firmware, Simatic_ipc627d_firmware, Simatic_ipc647d_firmware, Simatic_ipc677d_firmware, Simatic_ipc827d_firmware, Simatic_ipc847d_firmware, Simatic_itp1000_firmware, Simatic_pc547g_firmware	5.9
2018-09-12	CVE-2018-3657	Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.	Active_management_technology_firmware, Converged_security_management_engine_firmware, Manageability_engine_firmware, Simatic_field_pg_m5_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc547e_firmware, Simatic_ipc627d_firmware, Simatic_ipc647d_firmware, Simatic_ipc677d_firmware, Simatic_ipc827d_firmware, Simatic_ipc847d_firmware, Simatic_itp1000_firmware, Simatic_pc547g_firmware	6.7
2017-11-21	CVE-2017-5711	Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.	B150\-A_firmware, B150\-Plus_firmware, B150\-Pro_d3_firmware, B150\-Pro_firmware, B150_pro_gaming\/aura_firmware, B150_pro_gaming_d3_firmware, B150_pro_gaming_firmware, B150i_pro_gaming\/aura_firmware, B150i_pro_gaming\/wifi\/aura_firmware, B150m\-A\/m\.2_firmware, B150m\-A_d3_firmware, B150m\-A_firmware, B150m\-C\/br_firmware, B150m\-C_d3_firmware, B150m\-C_firmware, B150m\-D_firmware, B150m\-F_plus_firmware, B150m\-K_d3_firmware, B150m\-K_firmware, B150m\-Plus_d3_firmware, B150m\-Plus_firmware, B150m\-V_plus_firmware, B150m_pro_gaming_firmware, B250\-Mr_firmware, B250\-S_firmware, B250_mining_expert_firmware, B250m\-C_pro_firmware, B250m\-F_plus_firmware, Ex\-B150\-V7_firmware, Ex\-B150m\-V3_firmware, Ex\-B150m\-V5_firmware, Ex\-B150m\-V_firmware, Ex\-B250\-V7_firmware, Ex\-B250m\-V3_firmware, Ex\-B250m\-V5_firmware, Ex\-B250m\-V_firmware, Ex\-H110m\-V3_firmware, Ex\-H110m\-V_firmware, H110\-Plus_firmware, H110i\-Plus_firmware, H110m\-A\/dp_firmware, H110m\-A\/m\.2_firmware, H110m\-A_d3_firmware, H110m\-A_firmware, H110m\-C2\/tf_firmware, H110m\-C2_firmware, H110m\-C\/br_firmware, H110m\-C\/hdmi_firmware, H110m\-C\/ps_firmware, H110m\-C_firmware, H110m\-Cs\/br_firmware, H110m\-Cs_firmware, H110m\-Cs_x_firmware, H110m\-D\/exper\/si_firmware, H110m\-D_firmware, H110m\-E\/m\.2_firmware, H110m\-E_firmware, H110m\-F_firmware, H110m\-K_d3_firmware, H110m\-K_firmware, H110m\-K_x_firmware, H110m\-Ks_firmware, H110m\-Ks_r1_firmware, H110m\-P\/dvi_firmware, H110m\-Plus_firmware, H110m\-R_firmware, H110m\-Ts_firmware, H110s1_firmware, H110s2_firmware, H110t\-A_firmware, H110t_firmware, H170\-Plus_d3_firmware, H170\-Pro\/usb_3\.1_firmware, H170\-Pro_firmware, H170_pro_gaming_firmware, H170i\-Pro_firmware, H170m\-E_d3_firmware, H170m\-Plus\/br_firmware, H170m\-Plus_firmware, Pio\-B150m_firmware, Pio\-B250i_firmware, Prime_b250\-A_firmware, Prime_b250\-Plus_firmware, Prime_b250\-Pro_firmware, Prime_b250m\-A_firmware, Prime_b250m\-C_firmware, Prime_b250m\-D_firmware, Prime_b250m\-J_firmware, Prime_b250m\-K_firmware, Prime_b250m\-Plus\/br_firmware, Prime_b250m\-Plus_firmware, Prime_h110m2\/fpt_firmware, Prime_h110m2_firmware, Prime_h110m\-P_firmware, Prime_h270\-Plus_firmware, Prime_h270\-Pro_firmware, Prime_h270m\-Plus_firmware, Prime_j3355i\-C_firmware, Prime_q270m\-C_firmware, Prime_z270\-A_firmware, Prime_z270\-Ar_firmware, Prime_z270\-K_firmware, Prime_z270\-P_firmware, Prime_z270m\-Plus\/br_firmware, Prime_z270m\-Plus_firmware, Prime_z370\-A_firmware, Prime_z370\-P_firmware, Q170m2\/cdm\/si_firmware, Q170m2_firmware, Q170m\-C_firmware, Q170m\-Cm\-B_firmware, Q170s1_firmware, Q170t_firmware, Q170t_v2_firmware, Q270\-S_firmware, Q270m\-Cm\-A_firmware, Rog_maximus_ix_apex_firmware, Rog_maximus_ix_code_firmware, Rog_maximus_ix_extreme_firmware, Rog_maximus_ix_formula_firmware, Rog_maximus_ix_hero_firmware, Rog_maximus_viii_extreme_firmware, Rog_maximus_viii_formula_firmware, Rog_maximus_viii_gene_firmware, Rog_maximus_viii_hero_alpha_firmware, Rog_maximus_viii_hero_firmware, Rog_maximus_viii_impact_firmware, Rog_maximus_viii_ranger_firmware, Rog_maximus_x_apex_firmware, Rog_maximus_x_code_firmware, Rog_maximus_x_formula_firmware, Rog_maximus_x_hero_firmware, Rog_strix_b250f_gaming_firmware, Rog_strix_b250g_gaming_firmware, Rog_strix_b250h_gaming_firmware, Rog_strix_b250i_gaming_firmware, Rog_strix_h270f_gaming_firmware, Rog_strix_h270i_gaming_firmware, Rog_strix_z270e_gaming_firmware, Rog_strix_z270f_gaming_firmware, Rog_strix_z270g_gaming_firmware, Rog_strix_z270h_gaming\/k1_firmware, Rog_strix_z270h_gaming_firmware, Rog_strix_z270i_gaming_firmware, Rog_strix_z370\-E_gaming_firmware, Rog_strix_z370\-F_gaming_firmware, Rog_strix_z370\-G_gaming_firmware, Rog_strix_z370\-H_gaming_firmware, Rog_strix_z370\-I_gaming_firmware, Sabertooth_z170_mark_1_firmware, Sabertooth_z170_s_firmware, Trooper_b150_d3_firmware, Trooper_h110_d3_firmware, Tuf_z270_mark_1_firmware, Tuf_z270_mark_2_firmware, Tuf_z370\-Plus_gaming_firmware, Tuf_z370\-Pro_gaming_firmware, Z170\-A_firmware, Z170\-Ar_firmware, Z170\-Deluxe_firmware, Z170\-E_firmware, Z170\-K_firmware, Z170\-P_d3_firmware, Z170\-P_firmware, Z170\-Premium_firmware, Z170\-Pro_firmware, Z170_pro_gaming\/aura_firmware, Z170_pro_gaming_firmware, Z170i_pro_gaming_firmware, Z170m\-E_d3_firmware, Z170m\-Plus\/br_firmware, Z170m\-Plus_firmware, Active_management_technology_firmware, Manageability_engine_firmware, Simatic_field_pg_m3_firmware, Simatic_field_pg_m4_firmware, Simatic_field_pg_m5_firmware, Simatic_ipc427d_firmware, Simatic_ipc427e_firmware, Simatic_ipc477d_firmware, Simatic_ipc477d_pro_firmware, Simatic_ipc477e_firmware, Simatic_ipc547d_firmware, Simatic_ipc547e_firmware, Simatic_ipc627c_firmware, Simatic_ipc627d_firmware, Simatic_ipc647c_firmware, Simatic_ipc647d_firmware, Simatic_ipc677c_firmware, Simatic_ipc677d_firmware, Simatic_ipc827c_firmware, Simatic_ipc827d_firmware, Simatic_ipc847c_firmware, Simatic_ipc847d_firmware, Simatic_itp1000_firmware, Simotion_p320\-4s_firmware, Sinumerik_pcu50\.5\-C_firmware, Sinumerik_pcu50\.5\-P_firmware	7.8
2017-11-21	CVE-2017-5712	Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.	B150\-A_firmware, B150\-Plus_firmware, B150\-Pro_d3_firmware, B150\-Pro_firmware, B150_pro_gaming\/aura_firmware, B150_pro_gaming_d3_firmware, B150_pro_gaming_firmware, B150i_pro_gaming\/aura_firmware, B150i_pro_gaming\/wifi\/aura_firmware, B150m\-A\/m\.2_firmware, B150m\-A_d3_firmware, B150m\-A_firmware, B150m\-C\/br_firmware, B150m\-C_d3_firmware, B150m\-C_firmware, B150m\-D_firmware, B150m\-F_plus_firmware, B150m\-K_d3_firmware, B150m\-K_firmware, B150m\-Plus_d3_firmware, B150m\-Plus_firmware, B150m\-V_plus_firmware, B150m_pro_gaming_firmware, B250\-Mr_firmware, B250\-S_firmware, B250_mining_expert_firmware, B250m\-C_pro_firmware, B250m\-F_plus_firmware, Ex\-B150\-V7_firmware, Ex\-B150m\-V3_firmware, Ex\-B150m\-V5_firmware, Ex\-B150m\-V_firmware, Ex\-B250\-V7_firmware, Ex\-B250m\-V3_firmware, Ex\-B250m\-V5_firmware, Ex\-B250m\-V_firmware, Ex\-H110m\-V3_firmware, Ex\-H110m\-V_firmware, H110\-Plus_firmware, H110i\-Plus_firmware, H110m\-A\/dp_firmware, H110m\-A\/m\.2_firmware, H110m\-A_d3_firmware, H110m\-A_firmware, H110m\-C2\/tf_firmware, H110m\-C2_firmware, H110m\-C\/br_firmware, H110m\-C\/hdmi_firmware, H110m\-C\/ps_firmware, H110m\-C_firmware, H110m\-Cs\/br_firmware, H110m\-Cs_firmware, H110m\-Cs_x_firmware, H110m\-D\/exper\/si_firmware, H110m\-D_firmware, H110m\-E\/m\.2_firmware, H110m\-E_firmware, H110m\-F_firmware, H110m\-K_d3_firmware, H110m\-K_firmware, H110m\-K_x_firmware, H110m\-Ks_firmware, H110m\-Ks_r1_firmware, H110m\-P\/dvi_firmware, H110m\-Plus_firmware, H110m\-R_firmware, H110m\-Ts_firmware, H110s1_firmware, H110s2_firmware, H110t\-A_firmware, H110t_firmware, H170\-Plus_d3_firmware, H170\-Pro\/usb_3\.1_firmware, H170\-Pro_firmware, H170_pro_gaming_firmware, H170i\-Pro_firmware, H170m\-E_d3_firmware, H170m\-Plus\/br_firmware, H170m\-Plus_firmware, Pio\-B150m_firmware, Pio\-B250i_firmware, Prime_b250\-A_firmware, Prime_b250\-Plus_firmware, Prime_b250\-Pro_firmware, Prime_b250m\-A_firmware, Prime_b250m\-C_firmware, Prime_b250m\-D_firmware, Prime_b250m\-J_firmware, Prime_b250m\-K_firmware, Prime_b250m\-Plus\/br_firmware, Prime_b250m\-Plus_firmware, Prime_h110m2\/fpt_firmware, Prime_h110m2_firmware, Prime_h110m\-P_firmware, Prime_h270\-Plus_firmware, Prime_h270\-Pro_firmware, Prime_h270m\-Plus_firmware, Prime_j3355i\-C_firmware, Prime_q270m\-C_firmware, Prime_z270\-A_firmware, Prime_z270\-Ar_firmware, Prime_z270\-K_firmware, Prime_z270\-P_firmware, Prime_z270m\-Plus\/br_firmware, Prime_z270m\-Plus_firmware, Prime_z370\-A_firmware, Prime_z370\-P_firmware, Q170m2\/cdm\/si_firmware, Q170m2_firmware, Q170m\-C_firmware, Q170m\-Cm\-B_firmware, Q170s1_firmware, Q170t_firmware, Q170t_v2_firmware, Q270\-S_firmware, Q270m\-Cm\-A_firmware, Rog_maximus_ix_apex_firmware, Rog_maximus_ix_code_firmware, Rog_maximus_ix_extreme_firmware, Rog_maximus_ix_formula_firmware, Rog_maximus_ix_hero_firmware, Rog_maximus_viii_extreme_firmware, Rog_maximus_viii_formula_firmware, Rog_maximus_viii_gene_firmware, Rog_maximus_viii_hero_alpha_firmware, Rog_maximus_viii_hero_firmware, Rog_maximus_viii_impact_firmware, Rog_maximus_viii_ranger_firmware, Rog_maximus_x_apex_firmware, Rog_maximus_x_code_firmware, Rog_maximus_x_formula_firmware, Rog_maximus_x_hero_firmware, Rog_strix_b250f_gaming_firmware, Rog_strix_b250g_gaming_firmware, Rog_strix_b250h_gaming_firmware, Rog_strix_b250i_gaming_firmware, Rog_strix_h270f_gaming_firmware, Rog_strix_h270i_gaming_firmware, Rog_strix_z270e_gaming_firmware, Rog_strix_z270f_gaming_firmware, Rog_strix_z270g_gaming_firmware, Rog_strix_z270h_gaming\/k1_firmware, Rog_strix_z270h_gaming_firmware, Rog_strix_z270i_gaming_firmware, Rog_strix_z370\-E_gaming_firmware, Rog_strix_z370\-F_gaming_firmware, Rog_strix_z370\-G_gaming_firmware, Rog_strix_z370\-H_gaming_firmware, Rog_strix_z370\-I_gaming_firmware, Sabertooth_z170_mark_1_firmware, Sabertooth_z170_s_firmware, Trooper_b150_d3_firmware, Trooper_h110_d3_firmware, Tuf_z270_mark_1_firmware, Tuf_z270_mark_2_firmware, Tuf_z370\-Plus_gaming_firmware, Tuf_z370\-Pro_gaming_firmware, Z170\-A_firmware, Z170\-Ar_firmware, Z170\-Deluxe_firmware, Z170\-E_firmware, Z170\-K_firmware, Z170\-P_d3_firmware, Z170\-P_firmware, Z170\-Premium_firmware, Z170\-Pro_firmware, Z170_pro_gaming\/aura_firmware, Z170_pro_gaming_firmware, Z170i_pro_gaming_firmware, Z170m\-E_d3_firmware, Z170m\-Plus\/br_firmware, Z170m\-Plus_firmware, Active_management_technology_firmware, Manageability_engine_firmware, Simatic_field_pg_m3_firmware, Simatic_field_pg_m4_firmware, Simatic_field_pg_m5_firmware, Simatic_ipc427d_firmware, Simatic_ipc427e_firmware, Simatic_ipc477d_firmware, Simatic_ipc477d_pro_firmware, Simatic_ipc477e_firmware, Simatic_ipc547d_firmware, Simatic_ipc547e_firmware, Simatic_ipc627c_firmware, Simatic_ipc627d_firmware, Simatic_ipc647c_firmware, Simatic_ipc647d_firmware, Simatic_ipc677c_firmware, Simatic_ipc677d_firmware, Simatic_ipc827c_firmware, Simatic_ipc827d_firmware, Simatic_ipc847c_firmware, Simatic_ipc847d_firmware, Simatic_itp1000_firmware, Simotion_p320\-4s_firmware, Sinumerik_pcu50\.5\-C_firmware, Sinumerik_pcu50\.5\-P_firmware	7.2
2020-11-12	CVE-2020-8745	Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.	Converged_security_and_manageability_engine, Trusted_execution_technology, Simatic_drive_controller_firmware, Simatic_et200sp_1515sp_pc2_firmware, Simatic_field_pg_m5_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc127e_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc527g_firmware, Simatic_ipc547g_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc667e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware, Sinumerik_828d_hw_pu\.4_firmware, Sinumerik_840d_sl_ht_10_firmware, Sinumerik_mc_mcu_1720_firmware, Sinumerik_one_firmware, Sinumerik_one_ncu_1740_firmware, Sinumerik_one_ppu_1740_firmware	6.8
2021-06-16	CVE-2020-27339	In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and SdMmcDeviceDxe drivers are 05.16.25, 05.26.25, 05.35.25, 05.43.25, and 05.51.25 (for Kernel 5.1 through 5.5).	Insydeh2o, Ruggedcom_apr1808_firmware, Simatic_field_pg_m5_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc127e_firmware, Simatic_ipc227g_firmware, Simatic_ipc277g_firmware, Simatic_ipc327g_firmware, Simatic_ipc377g_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware	6.7
2021-10-01	CVE-2021-33626	A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution.	Insydeh2o, Ruggedcom_apr1808_firmware, Simatic_field_pg_m5_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc127e_firmware, Simatic_ipc227g_firmware, Simatic_ipc277g_firmware, Simatic_ipc327g_firmware, Simatic_ipc377g_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware	7.8
2021-06-09	CVE-2020-12357	Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.	Bios, Aff_bios, Cloud_backup, E\-Series_bios, Fas_bios, Hci_compute_node_bios, Hci_storage_node_bios, Solidfire_bios, Simatic_cpu_1518\-4_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc547g_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware	6.7
2021-06-09	CVE-2020-24507	Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.	Converged_security_and_manageability_engine, Simatic_field_pg_m5_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc527g_firmware, Simatic_ipc547g_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware	4.4