Lucene search
K

132 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.18 views

Siemens InsydeH2O Allocation of Resources Without Limits or Throttling (CVE-2021-41840)

An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control Sphere. Insyde...

8.2CVSS8.1AI score0.00301EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.28 views

Siemens InsydeH2O Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-41838)

An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimum Check. Insyde BIOS is...

8.2CVSS8.1AI score0.00301EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.21 views

Siemens InsydeH2O Inclusion of Functionality from Untrusted Control Sphere (CVE-2021-41841)

An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control Sphere. Insyde BIOS...

8.2CVSS8.1AI score0.00301EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.28 views

Siemens InsydeH2O Improper Input Validation (CVE-2023-27373)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM. Insyde BIOS is typically used in RUGGEDCOM APE products and some SIMATIC...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.19 views

Siemens InsydeH2O Improper Input Validation (CVE-2022-36448)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver. Insyde BIOS is typically used in RUGGEDCOM APE products and some SIMATIC devices. Please refer to the vendor advisory for a...

8.2CVSS7.8AI score0.0032EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.34 views

Siemens InsydeH2O Out-of-bounds Write (CVE-2022-35895)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execution. Insyde BIOS is...

8.2CVSS7.9AI score0.00352EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/09/18 12:0 a.m.5 views

Insyde InsydeH2O Security Breach

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in the Insyde InsydeH2O kernel versions 5.0 to 5.5, which...

7.8CVSS7.5AI score0.0022EPSS
Exploits0References3
CVE
CVE
added 2023/08/18 12:0 a.m.54 views

CVE-2023-27471

CVE-2023-27471 affects Insyde InsydeH2O BIOS/UEFI (kernel 5.0–5.5). The vulnerability arises from improper protection/validation of the MeSetup UEFI variable, which on some systems can be overwritten via OS APIs. Exploitation could lead to a platform denial of service, according to the available ...

5.5CVSS5.3AI score0.00171EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/08/07 3:15 p.m.27 views

CVE-2023-27373

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM...

5.5CVSS6.2AI score0.00172EPSS
Exploits0References1
CVE
CVE
added 2023/08/07 12:0 a.m.54 views

CVE-2023-27373

CVE-2023-27373 affects InsydeH2O BIOS (kernel 5.0–5.5). The issue arises from insufficient input validation, allowing an attacker with local access to tamper with a runtime EFI variable and cause a dynamic BAR setting to overlap SMRAM. Connected advisories confirm this family of vulnerabilities a...

5.5CVSS5.3AI score0.00172EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/12 1:15 p.m.23 views

Command injection

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. In particular, the GetFlashTable function ...

1.7CVSS6.5AI score0.00178EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/12 12:0 a.m.42 views

CVE-2022-24350

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. In particular, the GetFlashTable function ...

5.9AI score0.00178EPSS
Exploits0References2
CVE
CVE
added 2023/04/12 12:0 a.m.60 views

CVE-2022-24350

The CVE-2022-24350 issue affects Insyde InsydeH2O BIOS (IhisiSmm) for kernel 5.0–5.5. The IHISI function 0x17 verifies the output buffer is within the command buffer, but does not ensure that output data does not extend beyond the end of the command buffer. Specifically, GetFlashTable is called o...

5.5CVSS5.6AI score0.00178EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/04/11 9:15 p.m.35 views

CVE-2023-22614

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler...

8.8CVSS8.7AI score0.00378EPSS
Exploits1References3
Prion
Prion
added 2023/04/11 9:15 p.m.21 views

Memory corruption

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM...

4.3CVSS8.6AI score0.00228EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/04/11 9:15 p.m.22 views

Input validation

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler...

4.3CVSS8.6AI score0.00378EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/04/11 12:0 a.m.37 views

CVE-2023-22614

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler...

8.9AI score0.00378EPSS
Exploits1References3
CVE
CVE
added 2023/04/11 12:0 a.m.62 views

CVE-2023-22612

CVE-2023-22612 affects InsydeH2O firmware’s IhisiSmm component. The issue exists on InsydeH2O builds with kernels 5.0–5.5, where a malicious host OS can invoke the Insyde SMI handler with malformed arguments, leading to memory corruption in System Management Mode (SMM). Connected sources describe...

8.8CVSS8.6AI score0.00228EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/02/15 2:15 p.m.22 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated...

3.5CVSS7.7AI score0.00132EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.5 views

SUSE CVE-2020-12362

Integer overflow in the firmware for some IntelR Graphics Drivers for Windows before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access...

7.5CVSS6.6AI score0.00359EPSS
Exploits0References14
Rows per page
Query Builder