Insyde ≫ Insydeh2o

80 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

8.2

CVE-2021-33627

EPSS 0.16%
Veröffentlicht 03.02.2022 02:15:06
Zuletzt bearbeitet 21.11.2024 06:09:13

An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Commun...

7.5

CVE-2021-33625

EPSS 0.07%
Veröffentlicht 03.02.2022 02:15:06
Zuletzt bearbeitet 21.11.2024 06:09:13

An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows us...

7.5

CVE-2020-5953

EPSS 0.29%
Veröffentlicht 03.02.2022 01:15:07
Zuletzt bearbeitet 21.11.2024 05:34:53

A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This...

8.2

CVE-2022-24069

EPSS 0.06%
Veröffentlicht 03.02.2022 00:15:07
Zuletzt bearbeitet 21.11.2024 06:49:45

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. An SMM callout vulnerability allows an attacker to...

7.5

CVE-2021-43522

EPSS 0.06%
Veröffentlicht 03.02.2022 00:15:07
Zuletzt bearbeitet 21.11.2024 06:29:21

An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 2021-11-08, 5.2 through 2021-11-08, and 5.3 through 2021-11-08. A StorageSecurityCommandDxe SMM memory corruption vulnerability allows an attacker to write fixed or predictable data ...

8.2

CVE-2021-45971

EPSS 0.05%
Veröffentlicht 06.01.2022 00:15:07
Zuletzt bearbeitet 21.11.2024 06:33:24

An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch tha...

9.8

CVE-2021-41842

EPSS 1.22%
Veröffentlicht 06.01.2022 00:15:07
Zuletzt bearbeitet 21.11.2024 06:26:52

An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH2O. Code execution can occur because the SMI handl...

8.2

CVE-2021-45970

EPSS 0.04%
Veröffentlicht 05.01.2022 23:15:08
Zuletzt bearbeitet 21.11.2024 06:33:24

An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that r...

8.2

CVE-2021-45969

EPSS 0.05%
Veröffentlicht 05.01.2022 23:15:08
Zuletzt bearbeitet 21.11.2024 06:33:23

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that ...

7.5

CVE-2020-5956

EPSS 0.41%
Veröffentlicht 05.01.2022 23:15:07
Zuletzt bearbeitet 21.11.2024 05:34:53

An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuf...

<1...5678