Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Insydeh2o
(Insyde)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 61 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-04-11 | CVE-2023-22615 | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM. | Insydeh2o | 8.4 | ||
| 2023-04-11 | CVE-2023-22612 | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM. | Insydeh2o | 8.8 | ||
| 2023-04-11 | CVE-2023-22614 | An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler. | Insydeh2o | 8.8 | ||
| 2023-04-11 | CVE-2023-22613 | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption. | Insydeh2o | 8.8 | ||
| 2023-04-12 | CVE-2023-22616 | An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM. | Insydeh2o | 7.8 | ||
| 2021-06-16 | CVE-2020-27339 | In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and SdMmcDeviceDxe drivers are 05.16.25, 05.26.25, 05.35.25, 05.43.25, and 05.51.25 (for Kernel 5.1 through 5.5). | Insydeh2o, Ruggedcom_apr1808_firmware, Simatic_field_pg_m5_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc127e_firmware, Simatic_ipc227g_firmware, Simatic_ipc277g_firmware, Simatic_ipc327g_firmware, Simatic_ipc377g_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware | 6.7 | ||
| 2021-10-01 | CVE-2021-33626 | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution. | Insydeh2o, Ruggedcom_apr1808_firmware, Simatic_field_pg_m5_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc127e_firmware, Simatic_ipc227g_firmware, Simatic_ipc277g_firmware, Simatic_ipc327g_firmware, Simatic_ipc377g_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware | 7.8 | ||
| 2022-01-05 | CVE-2020-5956 | An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer. | Insydeh2o | 7.5 | ||
| 2022-01-05 | CVE-2021-45969 | An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the CommBuffer+8 location). | Insydeh2o | 8.2 | ||
| 2022-01-05 | CVE-2021-45970 | An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the status code saved at the CommBuffer+4 location). | Insydeh2o | 8.2 |