4 matches found
CVE-2022-35407
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the...
CVE-2022-35407
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the...
CVE-2022-35407
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the...
CVE-2022-35407
The CVE concerns InsydeH2O’s SetupUtility driver on Intel platforms, affected versions 5.0–5.5. A stack buffer overflow from handling two UEFI variables allows arbitrary code execution when the second variable exceeds the first, enabling modification of certain UEFI variables. Impact is local, wi...