3 matches found
Siemens InsydeH2O Out-of-bounds Write (CVE-2022-24030)
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM. Insyde BIOS is typically used in RUGGEDCO...
CVE-2022-24030
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM...
CVE-2022-24030
CVE-2022-24030 affects InsydeH2O’s AhciBusDxe driver. The issue is an SMM memory corruption vulnerability in kernel 5.1–5.5 that allows writing fixed or predictable data to SMRAM, enabling privilege escalation to System Management Mode. Affected kernel/workload context is local with no user inter...