Insyde

Insydeh2o

84 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.2

CVE-2025-4421

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 30.07.2025 00:39:28
  • Zuletzt bearbeitet 31.07.2025 18:42:37

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability.  https://support.lenovo.com/us/en/product_securi...

6.7

CVE-2024-55567

  • EPSS 0.03%
  • Veröffentlicht 12.06.2025 00:00:00
  • Zuletzt bearbeitet 20.08.2025 17:31:31

Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbi...

7.8

CVE-2025-4275

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 11.06.2025 00:25:17
  • Zuletzt bearbeitet 30.07.2025 08:15:34

A vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. An attacker may to execute arbitrar...

7.9

CVE-2024-52880

  • EPSS 0.03%
  • Veröffentlicht 15.05.2025 00:00:00
  • Zuletzt bearbeitet 29.07.2025 13:09:06

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before vers...

7.5

CVE-2024-52879

  • EPSS 0.07%
  • Veröffentlicht 15.05.2025 00:00:00
  • Zuletzt bearbeitet 15.08.2025 17:04:35

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before vers...

7.5

CVE-2024-52877

  • EPSS 0.07%
  • Veröffentlicht 15.05.2025 00:00:00
  • Zuletzt bearbeitet 15.08.2025 17:06:05

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before vers...

7.5

CVE-2024-52878

  • EPSS 0.07%
  • Veröffentlicht 15.05.2025 00:00:00
  • Zuletzt bearbeitet 15.08.2025 17:05:30

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before vers...

7.8

CVE-2025-4273

  • EPSS -
  • Veröffentlicht 05.05.2025 01:20:25
  • Zuletzt bearbeitet 05.05.2025 03:15:23

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

6.4

CVE-2024-49200

  • EPSS 0.11%
  • Veröffentlicht 15.04.2025 22:15:15
  • Zuletzt bearbeitet 30.04.2025 16:41:11

An issue was discovered in AcpiS3SaveDxe and ChipsetSvcDxe in Insyde InsydeH2O with kernel 5.2 though 5.7. A potential DXE memory corruption vulnerability has been identified. The root cause is use of a pointer originating from the value of an NVRAM ...

6.1

CVE-2023-28149

  • EPSS 0.06%
  • Veröffentlicht 31.07.2024 19:15:10
  • Zuletzt bearbeitet 07.11.2024 17:35:03

An issue was discovered in the IhisiServiceSmm module in Insyde InsydeH2O with kernel 5.2 before 05.28.42, 5.3 before 05.37.42, 5.4 before 05.45.39, 5.5 before 05.53.39, and 5.6 before 05.60.39 that could allow an attacker to modify UEFI variables.