CVE-2022-35408

Exploit

EPSS 0.08%
Published 22.09.2022 16:15:09
Last modified 27.05.2025 16:15:26
Source cve@mitre.org
Teams watchlist Login
Open Login

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possible arbitrary code execution in SMM and escalation of privileges. An attacker could overwrite the function pointers in the EFI_BOOT_SERVICES table before the USB SMI handler triggers. (This is not exploitable from code running in the operating system.)

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Insyde ≫ Insydeh2o Version >= 5.1 < 5.17.38

Insyde ≫ Insydeh2o Version >= 5.2 < 05.27.28

Insyde ≫ Insydeh2o Version >= 5.3 < 05.36.28

Insyde ≫ Insydeh2o Version >= 5.4 < 05.44.28

Insyde ≫ Insydeh2o Version >= 5.5 < 05.52.28

Insyde ≫ Insydeh2o Version >= 5.0 < 05.09.38

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.256

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.2	1.5	6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.2	1.5	6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-123 Write-what-where Condition

Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.

https://www.insyde.com/security-pledge

Vendor Advisory

https://binarly.io/advisories/BRLY-2022-022/index.html

Third Party Advisory

Exploit

https://www.insyde.com/security-pledge/SA-2022031

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-35408

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-35408

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-35408

EUVD