Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde insydeh2o 5.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39283
An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5 allows malicious users to send arbitrary data to SMM which could lead to privilege escalation.
Insyde Insydeh2o
Insyde Insydeh2o 5.5.05.53.22
Insyde Insydeh2o 5.6
Insyde Insydeh2o 5.6.05.60.22
NA
CVE-2023-40238
A LogoFAIL issue exists in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 prior to 05.28.47, 5.3 prior to 05.37.47, 5.4 prior to 05.45.47, 5.5 prior to 05.53.47, and 5.6 prior to 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a sp...
Insyde Insydeh2o
NA
CVE-2024-25079
A memory corruption vulnerability in HddPassword in Insyde InsydeH2O kernel 5.2 prior to 05.29.09, kernel 5.3 prior to 05.38.09, kernel 5.4 prior to 05.46.09, kernel 5.5 prior to 05.54.09, and kernel 5.6 prior to 05.61.09 could lead to escalating privileges in SMM.
NA
CVE-2024-27353
A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 prior to 05.29.09, kernel 5.3 prior to 05.38.09, kernel 5.4 prior to 05.46.09, kernel 5.5 prior to 05.54.09, and kernel 5.6 prior to 05.61.09 could lead to escalating privileges in SMM.
NA
CVE-2024-25078
A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, kernel 5.5: IB19130163 in 05.54.07, and kernel 5.6: IB19130163 in 05.61.07 could l...
NA
CVE-2023-47252
An issue exists in PnpSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.6. There is a possible out-of-bounds access in the SMM communication buffer, leading to tampering. The PNP-related SMI sub-functions do not verify data size before getting it from the communicatio...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started