An issue exists in StorageSecurityCommandDxe in Insyde InsydeH2O with Kernel 5.1 prior to 05.14.28, Kernel 5.2 prior to 05.24.28, and Kernel 5.3 prior to 05.32.25. An SMM callout vulnerability allows an malicious user to hijack execution flow of code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
insyde insydeh2o |