4 matches found
CVE-2022-35895
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execution...
Siemens InsydeH2O Out-of-bounds Write (CVE-2022-35895)
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execution. Insyde BIOS is...
CVE-2022-35895
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execution...
CVE-2022-35895
CVE-2022-35895 affects Insyde InsydeH2O BIOS (kernel 5.0–5.5). The vulnerability lies in the FwBlockSericceSmm driver, which fails to validate input for a software SMI routine, enabling memory corruption of arbitrary addresses including SMRAM and potentially arbitrary code execution. Exploitation...