CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver...

8.2CVSS7AI score0.00078EPSS

Exploits1

RedhatCVE•added 2025/05/22 10:50 p.m.•7 views

CVE-2022-30772

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrit...

8.2CVSS6.6AI score0.0008EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:50 p.m.•5 views

CVE-2022-30771

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in:...

8.2CVSS7.1AI score0.00051EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:6 p.m.•3 views

CVE-2022-30774

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used a TOCTOU attack DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checke...

6.4CVSS7.1AI score0.00051EPSS

Exploits0References1

ATTACKERKB•added 2024/04/26 3:15 a.m.•1 views

CVE-2023-47252

An issue was discovered in PnpSmm in Insyde InsydeH2O with kernel 5.0 through 5.6. There is a possible out-of-bounds access in the SMM communication buffer, leading to tampering. The PNP-related SMI sub-functions do not verify data size before getting it from the communication buffer, which could...

6.3CVSS6AI score0.00133EPSS

Exploits0References2

NVD•added 2024/04/26 3:15 a.m.•8 views

CVE-2023-47252

6.3CVSS6.6AI score0.00133EPSS

Exploits0References1

OSV•added 2024/04/26 3:15 a.m.•1 views

CVE-2023-47252

6.3CVSS6AI score0.00133EPSS

Exploits0References1

Cvelist•added 2024/04/26 12:0 a.m.•9 views

CVE-2023-47252

6.8AI score0.00133EPSS

Exploits0References1

CVE•added 2024/04/26 12:0 a.m.•44 views

CVE-2023-47252

Summary (CVE-2023-47252): Insyde InsydeH2O’s PnpSmm in the kernel range 5.0–5.6 is affected by an out-of-bounds access in the SMM communication buffer. The PNP-related SMI sub-functions do not verify data size before reading from the buffer, potentially allowing corruption of data immediately fol...

6.3CVSS6.9AI score0.00133EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/04/26 12:0 a.m.•11 views

CVE-2023-47252

7AI score0.00133EPSS

Exploits0References1

Tenable Nessus•added 2023/09/26 12:0 a.m.•22 views

Siemens InsydeH2O Time-of-check Time-of-use Race Condition (CVE-2022-32469)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS7.5AI score0.00069EPSS

Exploits0References4

Tenable Nessus•added 2023/09/26 12:0 a.m.•17 views

Siemens InsydeH2O Improper Input Validation (CVE-2022-36448)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver. Insyde BIOS is typically used in RUGGEDCOM APE products and some SIMATIC devices. Please refer to the vendor advisory for a...

8.2CVSS7.8AI score0.00078EPSS

Exploits1References4

NVD•added 2023/02/15 2:15 p.m.•22 views

CVE-2022-32469

7CVSS8AI score0.00069EPSS

Exploits0References2