Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde insydeh2o vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2022-24069
An issue exists in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 prior to 05.08.41, 5.1 prior to 05.16.29, 5.2 prior to 05.26.29, 5.3 prior to 05.35.29, 5.4 prior to 05.43.29, and 5.5 prior to 05.51.29. An SMM callout vulnerability allows an malicious user to hijack the executio...
Insyde Insydeh2o
NA
CVE-2022-24351
TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29, Kernel 5.3 before version 05.36.29, Kernel 5.4 version prior to 05.44.13, and Kernel 5.5 before version 05.52.13 allows an malicious user to alter data and code used by the remainder ...
Insyde Insydeh2o
NA
CVE-2023-39284
An issue exists in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler.
Insyde Insydeh2o
641
VMScore
CVE-2021-41841
An issue exists in AhciBusDxe in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an malicious user to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted ...
Insyde Insydeh2o
641
VMScore
CVE-2021-42060
An issue exists in Insyde InsydeH2O Kernel 5.0 up to and including 05.08.41, Kernel 5.1 up to and including 05.16.41, Kernel 5.2 prior to 05.23.22, and Kernel 5.3 prior to 05.32.22. An Int15ServiceSmm SMM callout vulnerability allows an malicious user to hijack execution flow of ...
Insyde Insydeh2o
614
VMScore
CVE-2022-24030
An issue exists in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 up to and including 5.5. An SMM memory corruption vulnerability allows an malicious user to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
Insyde Insydeh2o
NA
CVE-2022-24350
An issue exists in IhisiSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. In particular, the Ge...
Insyde Insydeh2o
641
VMScore
CVE-2021-43323
An issue exists in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 prior to 05.51.45, 5.4 prior to 05.43.45, 5.3 prior to 05.35.45, 5.2 prior to 05.26.45, 5.1 prior to 05.16.45, and 5.0 prior to 05.08.45. An SMM callout vulnerability allows an malicious user to hijack execution fl...
Insyde Insydeh2o
641
VMScore
CVE-2021-43615
An issue exists in HddPassword in Insyde InsydeH2O with kernel 5.1 prior to 05.16.23, 5.2 prior to 05.26.23, 5.3 prior to 05.35.23, 5.4 prior to 05.43.22, and 5.5 prior to 05.51.22. An SMM memory corruption vulnerability allows an malicious user to write fixed or predictable data...
Insyde Insydeh2o
NA
CVE-2022-35895
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execu...
Insyde Insydeh2o
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »