Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde insydeh2o vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-35408
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possible arbitrary code execution in SMM and escalation of privileges. An attacker could overwrite the function pointers in ...
Insyde Insydeh2o
NA
CVE-2022-35896
An issue SMM memory leak vulnerability in SMM driver (SMRAM exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. An attacker can dump SMRAM contents via the software SMI provided by the FvbServicesRuntimeDxe driver to read the contents of SMRAM, leading to informat...
Insyde Insydeh2o
6.9
CVSSv2
CVE-2022-24030
An issue exists in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 up to and including 5.5. An SMM memory corruption vulnerability allows an malicious user to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
Insyde Insydeh2o
7.2
CVSSv2
CVE-2022-24031
An issue exists in NvmExpressDxe in Insyde InsydeH2O with kernel 5.1 up to and including 5.5. An SMM memory corruption vulnerability allows an malicious user to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
Insyde Insydeh2o
NA
CVE-2022-32469
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitig...
Insyde Insydeh2o
NA
CVE-2022-32470
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack c...
Insyde Insydeh2o
NA
CVE-2022-32471
An issue exists in IhisiSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. The IhisiDxe driver uses the command buffer to pass input and output data. By modifying the command buffer contents with DMA after the input parameters have been checked but before they are u...
Insyde Insydeh2o
NA
CVE-2022-32473
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be ...
Insyde Insydeh2o
NA
CVE-2022-32474
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This ...
Insyde Insydeh2o
NA
CVE-2022-32476
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be m...
Insyde Insydeh2o
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »