Lucene search
China National Vulnerability DatabaseCNVD-2022-10273HistoryFeb 09, 2022 - 12:00 a.m.
Insyde InsydeH2O Buffer Overflow Vulnerability (CNVD-2022-10273)
2022-02-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
insydeh2o
buffer overflow
vulnerability
insyde software
taiwan
china
efi/uefi
bios
smram
cnvd-2022-10273
EPSS
0
Percentile
5.1%
Insyde InsydeH2O is a C source from Insyde Software (Taiwan, China) that implements the new technology “EFI/UEFI” specification, designed to replace the legacy BIOS (Basic Input/Output System). Operating System (H2O) UEFI firmware has a buffer overflow vulnerability that can be exploited to write fixed or predictable data to SMRAM.
Related
cve
cve
CVE-2022-24030
2022-02-03 02:15:07
nessus
nessus
Siemens InsydeH2O Out-of-bounds Write (CVE-2022-24030)
2023-09-26 00:00:00
cvelist
cvelist
CVE-2022-24030
2022-02-03 01:16:51
prion
prion
Memory corruption
2022-02-03 02:15:00
nvd
nvd
CVE-2022-24030
2022-02-03 02:15:07
cert
cert
InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM
2022-02-01 00:00:00
f5
f5
K45810018 : Multiple Insyde BIOS/EFI vulnerabilities
2022-02-15 00:00:00