CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-33834

An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.5%

CVSS Severity

CVSS v3 Score 7.1

References

https://www.insyde.com/security-pledge
https://www.insyde.com/security-pledge/SA-2021004
https://www.insyde.com/security-pledge
https://www.insyde.com/security-pledge/SA-2021004

Products affected by CVE-2021-33834

Insyde » H2offt » Version: 6.20.00

cpe:2.3:a:insyde:h2offt:6.20.00
Insyde » Iscflashx64.sys » Version: 3.9.3.0

cpe:2.3:a:insyde:iscflashx64.sys:3.9.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-33834

Products

Pricing

Contact Us