PT-2021-20235 · Smm · Smm

Published: 2021-10-01 · Updated: 2022-04-24 · CVE-2021-33626

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SMM (System Management Mode) (affected versions not specified)
Description: A vulnerability exists in the SMM branch that registers a SWSMI handler, which does not sufficiently check or validate the allocated buffer pointer (QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and potentially lead to arbitrary code execution.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
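The missing validation described above, shown as a check that runs before a handler touches a caller-supplied pointer. This is an added example, not code from the affected firmware: the SMRAM window, the `comm_request` layout and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed SMRAM window for this model; real firmware takes it from the platform. */
#define SMRAM_BASE 0x7F000000ULL
#define SMRAM_SIZE 0x00800000ULL

/* True only if [addr, addr+len) is non-empty, does not wrap around, and does not
 * overlap SMRAM. EDK II exposes a comparable check as SmmIsBufferOutsideSmmValid(). */
bool buffer_outside_smram(uint64_t addr, uint64_t len)
{
    if (len == 0 || addr > UINT64_MAX - len)   /* reject empty and wrapping ranges */
        return false;
    return addr + len <= SMRAM_BASE || addr >= SMRAM_BASE + SMRAM_SIZE;
}

/* Hypothetical layout of the QWORD values the OS places in CommBuffer. */
struct comm_request {
    uint64_t out_ptr;   /* where the handler is asked to write its result */
    uint64_t out_len;   /* size of that destination in bytes */
};

typedef enum { HANDLER_OK = 0, HANDLER_REJECTED = 1 } handler_status;

/* Hardened handler model: read the caller-controlled fields once, validate the
 * local copy, and refuse the request before any write can reach SMRAM. */
handler_status swsmi_handler_checked(const volatile struct comm_request *comm)
{
    struct comm_request req;
    req.out_ptr = comm->out_ptr;   /* single read, so the checked value is the used value */
    req.out_len = comm->out_len;
    if (!buffer_outside_smram(req.out_ptr, req.out_len))
        return HANDLER_REJECTED;
    /* A real handler would write its result to req.out_ptr here; the model omits it. */
    return HANDLER_OK;
}

int main(void)
{
    /* Constructed requests: ordinary memory, inside SMRAM, straddling the base. */
    struct comm_request cases[] = {
        { 0x00100000ULL, 0x40 }, { SMRAM_BASE + 0x100, 8 }, { SMRAM_BASE - 4, 8 },
    };
    for (unsigned i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("ptr=0x%llx len=%llu -> %s\n", (unsigned long long)cases[i].out_ptr,
               (unsigned long long)cases[i].out_len,
               swsmi_handler_checked(&cases[i]) == HANDLER_OK ? "accepted" : "rejected");
    return 0;
}
```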

Weakness Enumeration

Related Identifiers

CVE-2021-33626

Affected Products

Smm