12 matches found
EUVD-2021-20508
Malware in sbrugna...
CVE-2021-33834
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash...
CVE-2021-33834
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash...
Memory corruption
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash...
CVE-2021-33834
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash...
CVE-2021-33834
The CVE-2021-33834 issue affects iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, input used to allocate a buffer and copy memory is mishandled, leading to memory corruption or a system crash. Red Hat and NVD entries confirm the same vulnerability across multiple ad...
CVE-2021-33834
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash...
Insyde H2OFFT Buffer Error Vulnerability
Insyde H2OFFT is a set of tools for BIOS firmware development from Insyde Corporation of Taiwan, China. A security vulnerability exists in Insyde H2OFFT version 3.00.01.00 and prior versions, which stems from a vulnerability in the driver iscflashx64.sys that could allow an authorized user to...
CVE-2019-12532
Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.025.28,...
CVE-2019-12532
Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.025.28,...
CVE-2019-12532
Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.025.28,...
CVE-2019-12532
Insyde software tools (H2OFFT 3.02–5.28; 100.00.00.00–100.00.08.23; 200.00.00.01–200.00.00.05; H2OOAE <200.00.00.02; H2OSDE <200.00.00.07; H2OUVE <200.00.02.02; H2OPCM <100.00.06.00; H2OELV