Lucene search
+L

407 matches found

Prion
Prion
added 2023/11/02 10:15 p.m.27 views

Memory corruption

An SMM memory corruption vulnerability in the SMM driver SMRAM write in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation...

4.3CVSS7.7AI score0.00194EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/11/02 9:15 p.m.4 views

CVE-2023-39284

An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...

5.5CVSS6.2AI score0.00178EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/11/02 12:0 a.m.20 views

CVE-2023-39283

An SMM memory corruption vulnerability in the SMM driver SMRAM write in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation...

7.3AI score0.00194EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/02 12:0 a.m.7 views

Insyde InsydeH2O Security Breach

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in the Insyde InsydeH2O kernel versions 5.0 to 5.5, which...

5.5CVSS6.7AI score0.00178EPSS
Exploits0References3
CVE
CVE
added 2023/11/02 12:0 a.m.83 views

CVE-2023-39283

CVE-2023-39283 affects FreeRDP clients. The vulnerability is an out-of-bounds/read issue in FreeRDP when handling certain video-related input, potentially allowing a remote attacker to trigger a crash or compromise via crafted RDP data. Affected products are FreeRDP-based clients (not servers); i...

7.8CVSS8.7AI score0.00194EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/11/01 10:15 p.m.6 views

CVE-2023-39281

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase...

9.8CVSS6.5AI score0.00487EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/01 12:0 a.m.5 views

Insyde InsydeH2O Security Breach

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O with kernel versions 5.0 through 5.5, whi...

9.8CVSS7.9AI score0.00487EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/01 12:0 a.m.50 views

CVE-2023-39281

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase...

9.9AI score0.00487EPSS
Exploits0References2
CVE
CVE
added 2023/11/01 12:0 a.m.78 views

CVE-2023-39281

CVE-2023-39281 affects InsydeH2O firmware (AsfSecureBootDxe) with kernel 5.0–5.5. The vulnerability is a stack buffer overflow in AsfSecureBootDxe, enabling arbitrary code execution during the DXE phase. Public sources in the connected documents confirm the affected software/component and the roo...

9.8CVSS9.6AI score0.00487EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/10/19 8:15 p.m.12 views

CVE-2023-30633

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers PCRs to record information about device and software configuration to ensure that the boot...

6.1CVSS6.1AI score0.00733EPSS
Exploits0References3
Prion
Prion
added 2023/10/19 8:15 p.m.21 views

Design/Logic Flaw

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers PCRs to record information about device and software configuration to ensure that the boot...

2.1CVSS5.1AI score0.00733EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/10/19 12:0 a.m.56 views

CVE-2023-30633

CVE-2023-30633 affects Insyde InsydeH2O’s TrEEConfigDriver (kernel 5.0–5.5). The issue allows reporting of false TPM PCR values, enabling a device to masquerade as healthy by extending arbitrary data into PCR banks. Impact depends on PCR integrity, potentially masking malware activity; exploit re...

5.3CVSS4.8AI score0.00212EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.22 views

Siemens InsydeH2O Time-of-check Time-of-use Race Condition (CVE-2022-34325)

DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the StorageSecurityCommandDxe drive...

7.8CVSS7.4AI score0.00132EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.19 views

Siemens InsydeH2O Out-of-bounds Write (CVE-2023-22613)

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption. Insyde BIOS is typically...

8.8CVSS8AI score0.00212EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.18 views

Siemens InsydeH2O Privilege Escalation (CVE-2020-5955)

An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. A caller may be able to escalate privileges. Insyde BIOS is typically used in RUGGEDCOM APE products and some SIMATIC devices. Please refer to the vendor advisory for a precise list of...

9.8CVSS8.3AI score0.01368EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.28 views

Siemens InsydeH2O Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-41838)

An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimum Check. Insyde BIOS is...

8.2CVSS8.1AI score0.00301EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/09/18 1:15 p.m.4 views

CVE-2023-34195

An issue was discovered in SystemFirmwareManagementRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The implementation of the GetImage method retrieves the value of a runtime variable named GetImageProgress, and later uses this value as a function pointer. This variable is wiped out by...

7.8CVSS7.7AI score0.0022EPSS
Exploits0References3
CVE
CVE
added 2023/09/18 12:0 a.m.52 views

CVE-2023-34195

Insyde InsydeH2O (kernel 5.0–5.5) contains a vulnerability in SystemFirmwareManagementRuntimeDxe where GetImage reads a runtime variable GetImageProgress and later uses its value as a function pointer. The GetImageProgress variable is wiped by the same module before function end. If an OS sets th...

7.8CVSS7.7AI score0.0022EPSS
Exploits0References2Affected Software1
ICS
ICS
added 2023/09/12 12:0 a.m.120 views

Siemens RUGGEDCOM APE1808 Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.5CVSS8.3AI score0.00178EPSS
Exploits0References12
NVD
NVD
added 2023/09/08 2:15 a.m.25 views

CVE-2021-33834

An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash...

7.1CVSS7.2AI score0.00187EPSS
Exploits0References2
Rows per page
Query Builder