Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde insydeh2o vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-41842
An issue exists in AtaLegacySmm in the kernel 5.0 prior to 05.08.46, 5.1 prior to 05.16.46, 5.2 prior to 05.26.46, 5.3 prior to 05.35.46, 5.4 prior to 05.43.46, and 5.5 prior to 05.51.45 in Insyde InsydeH2O. Code execution can occur because the SMI handler lacks a CommBuffer chec...
Insyde Insydeh2o
641
VMScore
CVE-2021-43323
An issue exists in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 prior to 05.51.45, 5.4 prior to 05.43.45, 5.3 prior to 05.35.45, 5.2 prior to 05.26.45, 5.1 prior to 05.16.45, and 5.0 prior to 05.08.45. An SMM callout vulnerability allows an malicious user to hijack execution fl...
Insyde Insydeh2o
641
VMScore
CVE-2021-43615
An issue exists in HddPassword in Insyde InsydeH2O with kernel 5.1 prior to 05.16.23, 5.2 prior to 05.26.23, 5.3 prior to 05.35.23, 5.4 prior to 05.43.22, and 5.5 prior to 05.51.22. An SMM memory corruption vulnerability allows an malicious user to write fixed or predictable data...
Insyde Insydeh2o
641
VMScore
CVE-2021-45971
An issue exists in SdHostDriver in Insyde InsydeH2O with kernel 5.1 prior to 05.16.25, 5.2 prior to 05.26.25, 5.3 prior to 05.35.25, 5.4 prior to 05.43.25, and 5.5 prior to 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler ...
Insyde Insydeh2o
NA
CVE-2022-32475
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This issue w...
Insyde Insydeh2o
NA
CVE-2022-32477
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This atta...
Insyde Insydeh2o
NA
CVE-2023-22616
An issue exists in Insyde InsydeH2O with kernel 5.2 up to and including 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM.
Insyde Insydeh2o
409
VMScore
CVE-2021-41839
An issue exists in NvmExpressDxe in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to ...
Insyde Insydeh2o
641
VMScore
CVE-2021-41840
An issue exists in NvmExpressDxe in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an malicious user to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrust...
Insyde Insydeh2o
641
VMScore
CVE-2021-41841
An issue exists in AhciBusDxe in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an malicious user to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted ...
Insyde Insydeh2o
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »