CVE-2022-32474

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigat...

PT-2023-13070 · Insyde · Insydeh2O

Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O versions 5.0 through 5.5 Description: An issue was discovered in Insyde InsydeH2O where DMA attacks on the FvbServicesRuntimeDxe shared buffer could cause TOCTOU race-condition issues, leading to corruption of SMRAM and...

CVE-2022-32477

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated...

CVE-2022-32473

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

CVE-2022-32469

CVE-2022-32469 affects Insyde InsydeH2O BIOS (kernel 5.0–5.5). It describes a TOCTOU race condition in the PnpSmm shared buffer used by SMM and non-SMM code, which could enable SMRAM corruption and privilege escalation. The advisory notes mitigations: (1) enable IOMMU protection for the ACPI runt...

CVE-2022-32470

CVE-2022-32470 affects Insyde InsydeH2O BIOS (kernel 5.0–5.5). A TOCTOU race condition in the FwBlockServiceSmm shared buffer (used by SMM and non-SMM code) could lead to SMRAM corruption and privilege escalation. Documented mitigations include using IOMMU protection for the ACPI runtime memory u...

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O with kernel versions 5.0 through 5.5. An attacker...

CVE-2022-32475

CVE-2022-32475 concerns Insyde InsydeH2O (kernel 5.0–5.5). DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code can trigger a TOCTOU race condition, potentially causing SMRAM corruption and privilege escalation. The issue is noted to be fixed in the kernel, which also ...

CVE-2022-32954

An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...

CVE-2022-32476

CVE-2022-32476 affects InsydeInsydeH2O firmware (kernel 5.0–5.5). DMA-driven TOCTOU between SMM and non-SMM paths on AhciBusDxe shared buffer could corrupt SMRAM and enable privilege escalation. Mitigations documented: enable IOMMU protection for the ACPI runtime memory used by the command buffer...

Siemens RUGGEDCOM APE1808 Product Family Competitive Conditions Vulnerability (CNVD-2023-09126)

The RUGGEDCOM APE1808 is a utility-level application hosting platform that allows you to deploy a range of commercial applications for edge computing and network security in harsh industrial environments. a competitive condition vulnerability exists in the Siemens RUGGEDCOM APE1808 product family...

Siemens RUGGEDCOM APE1808 Product Family Competitive Conditions Vulnerability (CNVD-2023-09127)

The RUGGEDCOM APE1808 is a utility-level application hosting platform that allows you to deploy a range of commercial applications for edge computing and network security in harsh industrial environments. a competitive condition vulnerability exists in the Siemens RUGGEDCOM APE1808 product family...

Dell Alienware m17 R5 BIOS buffer overflow vulnerability

Dell Alienware is a line of gaming laptops from Dell USA. versions prior to Dell Alienware m17 R5 BIOS 1.2.2 contain a buffer overflow vulnerability that stems from a program boundary error when handling untrusted input. An attacker could use this vulnerability to send content larger than the...

Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Dell BIOS Buffer Overflow Vulnerability (CNVD-2023-14511)

A buffer overflow vulnerability exists in Dell BIOS, which is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. The vulnerability stems from a boundary error when handling untrusted input. A locally authenticated attacker could exploit the vulnerability to execu...

CVE-2022-34403

Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM...

CVE-2022-34403

Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM...

CVE-2022-34403

Dell BIOS contains a stack-based buffer overflow vulnerability. A locally authenticated attacker can trigger it by sending larger-than-expected input via System Management Interrupt (SMI), gaining arbitrary code execution in SMRAM. Affected component is Dell BIOS (embedded software on motherboard...

CVE-2022-34400

Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM...

Heap overflow

Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM...