Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde kernel 5.0 vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2022-29275
In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue exists by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5...
Insyde Kernel
8.2
CVSSv3
CVE-2022-30772
Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by ma...
Insyde Kernel
8.2
CVSSv3
CVE-2022-36448
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver.
Insyde Insydeh2o
8.2
CVSSv3
CVE-2022-35893
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an malicious user to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges ...
Insyde Insydeh2o
8.2
CVSSv3
CVE-2022-36338
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. An SMM callout vulnerability in the SMM driver FwBlockServiceSmm, creating SMM, leads to arbitrary code execution. An attacker can replace the pointer to the UEFI boot service GetVariable with a pointer ...
Insyde Insydeh2o
8.2
CVSSv3
CVE-2022-35408
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possible arbitrary code execution in SMM and escalation of privileges. An attacker could overwrite the function pointers in ...
Insyde Insydeh2o
8.2
CVSSv3
CVE-2022-35895
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execu...
Insyde Insydeh2o
8.2
CVSSv3
CVE-2021-41837
An issue exists in AhciBusDxe in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to esc...
Insyde Insydeh2o
Siemens Simatic Field Pg M5 Firmware
Siemens Simatic Field Pg M6 Firmware
Siemens Simatic Ipc127e Firmware
Siemens Simatic Ipc227g Firmware
Siemens Simatic Ipc277g Firmware
Siemens Simatic Ipc327g Firmware
Siemens Simatic Ipc377g Firmware
Siemens Simatic Ipc427e Firmware
Siemens Simatic Ipc477e Firmware
Siemens Simatic Ipc627e Firmware
Siemens Simatic Ipc647e Firmware
Siemens Simatic Ipc677e Firmware
Siemens Simatic Ipc847e Firmware
Siemens Simatic Itp1000 Firmware
8.2
CVSSv3
CVE-2021-41840
An issue exists in NvmExpressDxe in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an malicious user to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrust...
Insyde Insydeh2o
8.2
CVSSv3
CVE-2021-42554
An issue exists in Insyde InsydeH2O with Kernel 5.0 prior to 05.08.42, Kernel 5.1 prior to 05.16.42, Kernel 5.2 prior to 05.26.42, Kernel 5.3 prior to 05.35.42, Kernel 5.4 prior to 05.42.51, and Kernel 5.5 prior to 05.50.51. An SMM memory corruption vulnerability in FvbServicesRu...
Insyde Insydeh2o
Siemens Simatic Field Pg M5 Firmware
Siemens Simatic Field Pg M6 Firmware
Siemens Simatic Ipc127e Firmware
Siemens Simatic Ipc227g Firmware
Siemens Simatic Ipc277g Firmware
Siemens Simatic Ipc327g Firmware
Siemens Simatic Ipc377g Firmware
Siemens Simatic Ipc427e Firmware
Siemens Simatic Ipc477e Firmware
Siemens Simatic Ipc627e Firmware
Siemens Simatic Ipc647e Firmware
Siemens Simatic Ipc677e Firmware
Siemens Simatic Ipc847e Firmware
Siemens Simatic Itp1000 Firmware
Siemens Ruggedcom Ape1808 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »