CVE-2021-33625
An issue was discovered in Kernel 5.x (starting from 5.1) in Insyde InsydeH2O, has a SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
Source: CVE-2021-33625