Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde insydeh2o 5.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-27353
A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 prior to 05.29.09, kernel 5.3 prior to 05.38.09, kernel 5.4 prior to 05.46.09, kernel 5.5 prior to 05.54.09, and kernel 5.6 prior to 05.61.09 could lead to escalating privileges in SMM.
NA
CVE-2024-25079
A memory corruption vulnerability in HddPassword in Insyde InsydeH2O kernel 5.2 prior to 05.29.09, kernel 5.3 prior to 05.38.09, kernel 5.4 prior to 05.46.09, kernel 5.5 prior to 05.54.09, and kernel 5.6 prior to 05.61.09 could lead to escalating privileges in SMM.
NA
CVE-2024-25078
A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, kernel 5.5: IB19130163 in 05.54.07, and kernel 5.6: IB19130163 in 05.61.07 could l...
NA
CVE-2023-47252
An issue exists in PnpSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.6. There is a possible out-of-bounds access in the SMM communication buffer, leading to tampering. The PNP-related SMI sub-functions do not verify data size before getting it from the communicatio...
NA
CVE-2023-40238
A LogoFAIL issue exists in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 prior to 05.28.47, 5.3 prior to 05.37.47, 5.4 prior to 05.45.47, 5.5 prior to 05.53.47, and 5.6 prior to 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a sp...
Insyde Insydeh2o
NA
CVE-2023-39283
An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5 allows malicious users to send arbitrary data to SMM which could lead to privilege escalation.
Insyde Insydeh2o
Insyde Insydeh2o 5.5.05.53.22
Insyde Insydeh2o 5.6
Insyde Insydeh2o 5.6.05.60.22
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started