{"vulnerability": "CVE-2021-4183", "sightings": [{"uuid": "cf3fef59-2774-4634-8eb7-7b6087eb3698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41837", "type": "seen", "source": "https://t.me/cibsecurity/36748", "content": "\u203c CVE-2021-41837 \u203c\n\nAn unsafe pointer vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler. An attacker can use this unsafe pointer \"current_ptr\" to read or write or manipulate data into SMRAM. Exploitation of this vulnerability can lead to escalation of privileges reserved only for SMM using the SwSMI handler.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-03T07:29:47.000000Z"}, {"uuid": "fc0d53dc-5392-41ca-a805-4a32a5c72bdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41839", "type": "seen", "source": "https://t.me/cibsecurity/36742", "content": "\u203c CVE-2021-41839 \u203c\n\nA vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated table variable EFI_BOOT_SERVICES. This can be used by an attacker to overwrite address location of any of the functions (FreePool,LocateHandleBuffer,HandleProtocol) to the address location of arbitrary code controlled by the attacker. On system call to SWSMI handler, the arbitrary code can be triggered to execute.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-03T07:29:39.000000Z"}, {"uuid": "881eb1c3-b8e4-4a10-aa18-875f5005b90b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41838", "type": "seen", "source": "https://t.me/cibsecurity/36739", "content": "\u203c CVE-2021-41838 \u203c\n\nAn unsafe pointer vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler. An attacker can use this unsafe pointer \"ptr\" to read or write or manipulate data in the SMRAM. Exploitation of this vulnerability can lead to escalation of privileges reserved only for SMM using the SwSMI handler.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-03T07:29:35.000000Z"}, {"uuid": "5e2f0bcd-a044-4d9e-9ca2-8f0bc70279af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41835", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12098", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-41835\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port TCP/80 to the encrypted service.\n\ud83d\udccf Published: 2022-01-21T18:17:44.000Z\n\ud83d\udccf Modified: 2025-04-16T16:46:42.361Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01", "creation_timestamp": "2025-04-16T16:56:11.000000Z"}, {"uuid": "090582c0-5875-43c0-b2a8-d817e96bfbf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41835", "type": "seen", "source": "https://t.me/cibsecurity/36053", "content": "\u203c CVE-2021-41835 \u203c\n\nFresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port TCP/80 to the encrypted service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-21T22:13:54.000000Z"}]}