Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde kernel 5.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
Tianocore Edk2
Insyde Kernel 5.0
Insyde Kernel 5.2
Insyde Kernel 5.3
Insyde Kernel 5.4
Insyde Kernel 5.5
Insyde Kernel 5.1
6.8
CVSSv2
CVE-2021-38575
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
Tianocore Edk2
Insyde Kernel 5.0
Insyde Kernel 5.2
Insyde Kernel 5.3
Insyde Kernel 5.4
Insyde Kernel 5.5
Insyde Kernel 5.1
NA
CVE-2023-31041
An issue exists in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure.
Insyde Insydeh2o 5.0
Insyde Insydeh2o 5.1
Insyde Insydeh2o 5.2
Insyde Insydeh2o 5.3
Insyde Insydeh2o 5.4
Insyde Insydeh2o 5.5
NA
CVE-2023-27373
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM.
Insyde Insydeh2o 5.0
Insyde Insydeh2o 5.1
Insyde Insydeh2o 5.2
Insyde Insydeh2o 5.3
Insyde Insydeh2o 5.4
Insyde Insydeh2o 5.5
NA
CVE-2023-28468
An issue exists in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. The FvbServicesRuntimeDxe SMM module exposes an SMI handler that allows an malicious user to interact with the SPI flash at run-time from the OS.
Insyde Kernel
NA
CVE-2022-36337
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code.
Insyde Kernel
NA
CVE-2023-27471
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. E...
Insyde Insydeh2o 5.0
Insyde Insydeh2o 5.1
Insyde Insydeh2o 5.2
Insyde Insydeh2o 5.3
Insyde Insydeh2o 5.4
Insyde Insydeh2o 5.5
NA
CVE-2022-29276
SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue exists by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1: version ...
Insyde Kernel
NA
CVE-2022-35407
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable ex...
Insyde Kernel
NA
CVE-2022-29275
In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue exists by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5...
Insyde Kernel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »