20 matches found
EUVD-2020-27107
Malware in sbrugna...
PT-2023-29394 · Unknown · Swsmi Shadow Dxe Driver
Name of the Vulnerable Software and Affected Versions: SWSMI Shadow DXE driver affected versions not specified Description: A memory leakage issue was reported in the SWSMI Shadow DXE driver, potentially allowing a local attacker with elevated privileges to write to NVRAM variables...
Lenovo Bios Buffer Error Vulnerability
Lenovo Bios is a boot method for computers from the Chinese company Lenovo Lenovo. It is used to boot the system during computer startup. Lenovo Bios suffers from a buffer error vulnerability that stems from a memory leak vulnerability in the SWSMIShadow DXE driver...
Siemens InsydeH2O Out-of-bounds Write (CVE-2021-45969)
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...
K45810018: Multiple Insyde BIOS/EFI vulnerabilities
Security Advisory Description CVE-2020-5953 A vulnerability exists in System Management Interrupt SWSMI handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT EFIRUNTIMESERVICES pointer to call a GetVariable service, which is located outside of SMRAM. This can resu...
Input validation
An issue was discovered on certain Fujitsu LIEFBOOK devices A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449 with BIOS versions before v1.09 A3510, v2.17 U9310, v2.30 U7511/U7411/U7311, v2.33 U9311, v2.23 E5510, v2.19 U7510/U7410, v2.13 U7310, and v1.09 E459/E449...
CVE-2022-28806
The CVE-2022-28806 entry concerns Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with specific BIOS versions. The vulnerability stems from the FjGabiFlashCoreAbstractionSmm driver’s SWSMI handler, which does not sufficiently validate t...
Insyde InsydeH2O has an unspecified vulnerability (CNVD-2022-10282)
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. The vulnerability can be exploited to read or write to or manipulate data in SMRAM, resulting in an...
Insyde InsydeH2O has an unspecified vulnerability (CNVD-2022-10288)
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System.A security vulnerability exists in Insyde InsydeH2O. The vulnerability stems from the System Management...
Insyde InsydeH2O Buffer Overflow Vulnerability (CNVD-2022-10285)
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. Operating System H2O UEFI firmware suffers from a buffer overflow vulnerability that stems from the SWSMI...
Insyde InsydeH2O has an unspecified vulnerability (CNVD-2022-10283)
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. The vulnerability can be exploited to read or write or manipulate data to SMRAM, resulting in an escalation...
Code injection
A vulnerability exists in System Management Interrupt SWSMI handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT EFIRUNTIMESERVICES pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM escalating...
CVE-2020-5953
A vulnerability exists in System Management Interrupt SWSMI handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT EFIRUNTIMESERVICES pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM escalating...
CVE-2020-5953
CVE-2020-5953 affects InsydeH2O UEFI firmware, where the System Management Interrupt (SWSMI) handler dereferences EFI_RUNTIME_SERVICES (gRT) to call GetVariable outside SMRAM, enabling code execution in SMM and privilege escalation. Impact is local and architectural, as described in multiple sour...
Insyde InsydeH2O Buffer Overflow Vulnerability (CNVD-2022-10290)
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. A buffer overflow vulnerability exists in InsydeH2O, which stems from the SWSMI handler not adequately...
CVE-2021-45971
An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...
Buffer overflow
An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...
CVE-2021-45969
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...
CVE-2021-45971
An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...
CVE-2021-33626
CVE-2021-33626 affects InsydeH2O’s SMM code, specifically the SmmResourceCheckDxe driver, where a SWSMI handler registers without proper validation of the CommBuffer pointer, enabling data corruption in SMRAM and potential arbitrary code execution. Connected vendor disclosures confirm this vulner...