Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde kernel 5.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-28468
An issue exists in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. The FvbServicesRuntimeDxe SMM module exposes an SMI handler that allows an malicious user to interact with the SPI flash at run-time from the OS.
Insyde Kernel
NA
CVE-2022-24350
An issue exists in IhisiSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. In particular, the Ge...
Insyde Insydeh2o
NA
CVE-2023-22613
An issue exists in IhisiSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption.
Insyde Insydeh2o 05.27.37
Insyde Insydeh2o 05.36.37
Insyde Insydeh2o 05.44.45
Insyde Insydeh2o 05.52.45
NA
CVE-2023-22612
An issue exists in IhisiSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM.
Insyde Insydeh2o 05.28.03
Insyde Insydeh2o 05.37.03
Insyde Insydeh2o 05.45.01
Insyde Insydeh2o 05.53.01
Insyde Insydeh2o 05.0a.11
Insyde Insydeh2o 05.18.03
NA
CVE-2023-22614
An issue exists in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler.
Insyde Insydeh2o 05.44.45.0028
Insyde Insydeh2o 05.44.45.0015
Insyde Insydeh2o 05.44.34.0054
Insyde Insydeh2o 05.42.52.0026
Insyde Insydeh2o 05.43.12.0056
Insyde Insydeh2o 05.43.01.0026
NA
CVE-2023-22615
An issue exists in IhisiSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite p...
Insyde Insydeh2o 05.37.03
Insyde Insydeh2o 05.45.01
Insyde Insydeh2o 05.53.01
NA
CVE-2022-32469
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitig...
Insyde Insydeh2o
NA
CVE-2022-32475
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This issue w...
Insyde Insydeh2o
NA
CVE-2022-32477
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This atta...
Insyde Insydeh2o
NA
CVE-2022-32470
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack c...
Insyde Insydeh2o
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »