Lucene search
K

142 matches found

Cvelist
Cvelist
added 2023/11/01 12:0 a.m.47 views

CVE-2023-39281

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase...

9.9AI score0.00487EPSS
Exploits0References2
CVE
CVE
added 2023/11/01 12:0 a.m.76 views

CVE-2023-39281

CVE-2023-39281 affects InsydeH2O firmware (AsfSecureBootDxe) with kernel 5.0–5.5. The vulnerability is a stack buffer overflow in AsfSecureBootDxe, enabling arbitrary code execution during the DXE phase. Public sources in the connected documents confirm the affected software/component and the roo...

9.8CVSS9.6AI score0.00487EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/10/19 8:15 p.m.20 views

Design/Logic Flaw

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers PCRs to record information about device and software configuration to ensure that the boot...

2.1CVSS5.1AI score0.00733EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/19 12:0 a.m.19 views

CVE-2023-30633

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers PCRs to record information about device and software configuration to ensure that the boot...

6.3AI score0.00212EPSS
Exploits0References2
CVE
CVE
added 2023/10/19 12:0 a.m.56 views

CVE-2023-30633

CVE-2023-30633 affects Insyde InsydeH2O’s TrEEConfigDriver (kernel 5.0–5.5). The issue allows reporting of false TPM PCR values, enabling a device to masquerade as healthy by extending arbitrary data into PCR banks. Impact depends on PCR integrity, potentially masking malware activity; exploit re...

5.3CVSS4.8AI score0.00212EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.18 views

Siemens InsydeH2O Out-of-bounds Write (CVE-2023-22613)

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption. Insyde BIOS is typically...

8.8CVSS8AI score0.00212EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.21 views

Siemens InsydeH2O Inclusion of Functionality from Untrusted Control Sphere (CVE-2021-41841)

An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control Sphere. Insyde BIOS...

8.2CVSS8.1AI score0.00301EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.19 views

Siemens InsydeH2O Time-of-check Time-of-use Race Condition (CVE-2022-32474)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigat...

7CVSS7.4AI score0.00132EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.34 views

Siemens InsydeH2O Out-of-bounds Write (CVE-2022-35895)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execution. Insyde BIOS is...

8.2CVSS7.9AI score0.00352EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.19 views

Siemens InsydeH2O Improper Input Validation (CVE-2022-36448)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver. Insyde BIOS is typically used in RUGGEDCOM APE products and some SIMATIC devices. Please refer to the vendor advisory for a...

8.2CVSS7.8AI score0.00317EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.22 views

Siemens InsydeH2O Classic Buffer Overflow (CVE-2022-24350)

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. In particular, the GetFlashTable function ...

5.5CVSS6.2AI score0.00178EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.28 views

Siemens InsydeH2O Improper Input Validation (CVE-2023-27373)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM. Insyde BIOS is typically used in RUGGEDCOM APE products and some SIMATIC...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.27 views

Siemens InsydeH2O Missing Release of Memory after Effective Lifetime (CVE-2022-35894)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The SMI handler for the FwBlockServiceSmm driver uses an untrusted pointer as the location to copy data to an attacker- specified buffer, leading to information disclosure. Insyde BIOS is typically used in RUGGEDCOM APE...

6CVSS6.1AI score0.00311EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.28 views

Siemens InsydeH2O Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-41838)

An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimum Check. Insyde BIOS is...

8.2CVSS8.1AI score0.00301EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.18 views

Siemens InsydeH2O Allocation of Resources Without Limits or Throttling (CVE-2021-41840)

An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control Sphere. Insyde...

8.2CVSS8.1AI score0.00301EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.22 views

Siemens InsydeH2O Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-41839)

An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges...

8.2CVSS7.7AI score0.00274EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/09/18 12:0 a.m.5 views

Insyde InsydeH2O Security Breach

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in the Insyde InsydeH2O kernel versions 5.0 to 5.5, which...

7.8CVSS7.5AI score0.0022EPSS
Exploits0References3
Prion
Prion
added 2023/08/18 7:15 p.m.24 views

Design/Logic Flaw

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. Exploitation of this vulnerabili...

1.7CVSS5.2AI score0.00171EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/18 12:0 a.m.53 views

CVE-2023-27471

CVE-2023-27471 affects Insyde InsydeH2O BIOS/UEFI (kernel 5.0–5.5). The vulnerability arises from improper protection/validation of the MeSetup UEFI variable, which on some systems can be overwritten via OS APIs. Exploitation could lead to a platform denial of service, according to the available ...

5.5CVSS5.3AI score0.00171EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/18 12:0 a.m.32 views

CVE-2023-27471

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. Exploitation of this vulnerabili...

5.5AI score0.00171EPSS
Exploits0References1
Rows per page
Query Builder