Lucene search
K

206 matches found

Cvelist
Cvelist
added 2023/06/26 7:44 p.m.27 views

CVE-2023-2290

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code...

6.4CVSS6.9AI score0.0016EPSS
Exploits0References1
CVE
CVE
added 2023/06/26 7:44 p.m.51 views

CVE-2023-2290

CVE-2023-2290 affects the Lenovo Flash Device Interface SMI handler (LenovoThinkPad/Lenovo Flash Device Interface component). The vulnerability, described across multiple feeds, allows a user who already has local access and has elevated privileges to execute arbitrary code via the LenovoFlashDev...

6.7CVSS6.7AI score0.0016EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/26 7:44 p.m.12 views

CVE-2023-2290

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code...

6.4CVSS7.4AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2023/04/11 10:15 p.m.4 views

CVE-2023-22613

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption...

8.8CVSS5.8AI score0.00212EPSS
Exploits0References3
Prion
Prion
added 2023/04/11 10:15 p.m.23 views

Memory corruption

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption...

4.3CVSS8.3AI score0.00212EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/04/11 9:15 p.m.35 views

CVE-2023-22614

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler...

8.8CVSS8.7AI score0.00378EPSS
Exploits1References3
Prion
Prion
added 2023/04/11 9:15 p.m.21 views

Memory corruption

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM...

4.3CVSS8.6AI score0.00228EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/04/11 9:15 p.m.22 views

Input validation

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler...

4.3CVSS8.6AI score0.00378EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/11 12:0 a.m.7 views

CVE-2023-22612

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM...

8.8AI score0.00228EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/04/11 12:0 a.m.37 views

CVE-2023-22614

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler...

8.9AI score0.00378EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/04/11 12:0 a.m.34 views

CVE-2023-22613

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption...

8.7AI score0.00212EPSS
Exploits0References3
ICS
ICS
added 2023/02/14 12:0 a.m.60 views

Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7CVSS7.5AI score0.00151EPSS
Exploits0References12
NVD
NVD
added 2023/01/30 10:15 p.m.29 views

CVE-2022-40135

An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory...

4.4CVSS4.3AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2023/01/30 10:15 p.m.28 views

CVE-2022-40137

A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code...

6.7CVSS6.9AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2023/01/30 10:15 p.m.32 views

CVE-2022-40136

An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory...

4.4CVSS4.4AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2023/01/30 10:15 p.m.28 views

CVE-2022-40134

An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory...

4.4CVSS4.4AI score0.00196EPSS
Exploits0References1
Prion
Prion
added 2023/01/30 10:15 p.m.24 views

Information disclosure

An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory...

1.4CVSS4.4AI score0.00196EPSS
Exploits0References1Affected Software315
Prion
Prion
added 2023/01/30 10:15 p.m.23 views

Information disclosure

An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory...

1.4CVSS4.3AI score0.00196EPSS
Exploits0References1Affected Software125
Prion
Prion
added 2023/01/30 10:15 p.m.24 views

Information disclosure

An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory...

1.4CVSS4.4AI score0.00196EPSS
Exploits0References1Affected Software133
Prion
Prion
added 2023/01/30 10:15 p.m.20 views

Buffer overflow

A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code...

4CVSS6.9AI score0.00227EPSS
Exploits0References1Affected Software280
Rows per page
Query Builder