CVE-2021-33834 Information

Description

An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash.

Reference

https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2021004