Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde insydeh2o 5.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-32473
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be ...
Insyde Insydeh2o
NA
CVE-2022-32474
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This ...
Insyde Insydeh2o
NA
CVE-2022-32477
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This atta...
Insyde Insydeh2o
NA
CVE-2023-34195
An issue exists in SystemFirmwareManagementRuntimeDxe in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. The implementation of the GetImage method retrieves the value of a runtime variable named GetImageProgress, and later uses this value as a function pointer. This var...
Insyde Insydeh2o
NA
CVE-2022-24350
An issue exists in IhisiSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. In particular, the Ge...
Insyde Insydeh2o
7.2
CVSSv2
CVE-2022-24069
An issue exists in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 prior to 05.08.41, 5.1 prior to 05.16.29, 5.2 prior to 05.26.29, 5.3 prior to 05.35.29, 5.4 prior to 05.43.29, and 5.5 prior to 05.51.29. An SMM callout vulnerability allows an malicious user to hijack the executio...
Insyde Insydeh2o
NA
CVE-2022-32953
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitiga...
Insyde Insydeh2o
NA
CVE-2022-32955
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the NvmExpressDxe buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitig...
Insyde Insydeh2o
7.2
CVSSv2
CVE-2021-42059
An issue exists in Insyde InsydeH2O Kernel 5.0 prior to 05.08.41, Kernel 5.1 prior to 05.16.41, Kernel 5.2 prior to 05.26.41, Kernel 5.3 prior to 05.35.41, and Kernel 5.4 prior to 05.42.20. A stack-based buffer overflow leads toarbitrary code execution in UEFI DisplayTypeDxe DXE ...
Insyde Insydeh2o
Siemens Simatic Field Pg M5 Firmware
Siemens Simatic Field Pg M6 Firmware
Siemens Simatic Ipc127e Firmware
Siemens Simatic Ipc227g Firmware
Siemens Simatic Ipc277g Firmware
Siemens Simatic Ipc327g Firmware
Siemens Simatic Ipc377g Firmware
Siemens Simatic Ipc427e Firmware
Siemens Simatic Ipc477e Firmware
Siemens Simatic Ipc627e Firmware
Siemens Simatic Ipc647e Firmware
Siemens Simatic Ipc677e Firmware
Siemens Simatic Ipc847e Firmware
Siemens Simatic Itp1000 Firmware
7.2
CVSSv2
CVE-2021-41838
An issue exists in SdHostDriver in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an malicious user to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimu...
Insyde Insydeh2o
Siemens Simatic Field Pg M5 Firmware
Siemens Simatic Field Pg M6 Firmware
Siemens Simatic Ipc127e Firmware
Siemens Simatic Ipc227g Firmware
Siemens Simatic Ipc277g Firmware
Siemens Simatic Ipc327g Firmware
Siemens Simatic Ipc377g Firmware
Siemens Simatic Ipc427e Firmware
Siemens Simatic Ipc477e Firmware
Siemens Simatic Ipc627e Firmware
Siemens Simatic Ipc647e Firmware
Siemens Simatic Ipc677e Firmware
Siemens Simatic Ipc847e Firmware
Siemens Simatic Itp1000 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »