2 matches found
CVE-2023-25600
An issue was discovered in InsydeH2O. A malicious operating system can tamper with a runtime-writable EFI variable, leading to out-of-bounds memory reads and a denial of service. This is fixed in version 01.01.04.0016...
CVE-2023-25600
CVE-2023-25600 concerns InsydeH2O: a malicious operating system can tamper with a runtime-writable EFI variable, leading to out-of-bounds memory reads and a denial-of-service condition. Multiple sources (NVD, Red Hat, CVE lists) confirm the issue and the fixed version. Affected component: InsydeH...