Memory Corruption Vulnerability in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00

CVE-2021-33834 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash.

Learn more about our Web Application Penetration Testing UK.