Known Vulnerabilities for products from Insyde
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Insyde".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-40238 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2023-12-07 | 2024-01-05 |
| CVE-2023-39284 json | An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to Set... | 5.5 - MEDIUM | 2023-11-02 | 2023-11-15 |
| CVE-2023-39283 json | An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0... | 7.8 - HIGH | 2023-11-02 | 2023-11-10 |
| CVE-2023-39281 json | A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows a... | 9.8 - CRITICAL | 2023-11-01 | 2023-11-09 |
| CVE-2023-34195 json | An issue was discovered in SystemFirmwareManagementRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The implementa... | 7.8 - HIGH | 2023-09-18 | 2023-09-21 |
| CVE-2023-31041 json | An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could ... | 7.5 - HIGH | 2023-08-14 | 2023-08-24 |
| CVE-2023-30633 json | An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR valu... | 5.3 - MEDIUM | 2023-10-19 | 2023-10-31 |
| CVE-2023-28468 json | An issue was discovered in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The FvbServicesRuntimeDxe S... | 6.5 - MEDIUM | 2023-08-03 | 2023-08-09 |
| CVE-2023-27471 json | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and va... | 5.5 - MEDIUM | 2023-08-18 | 2023-08-24 |
| CVE-2023-27373 json | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker ca... | 5.5 - MEDIUM | 2023-08-07 | 2023-08-15 |
| CVE-2023-25600 json | An issue was discovered in InsydeH2O. A malicious operating system can tamper with a runtime-writable EFI variable, leading t... | 7.1 - HIGH | 2023-08-03 | 2023-08-08 |
| CVE-2023-22616 json | An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. T... | 7.8 - HIGH | 2023-04-12 | 2023-04-20 |
| CVE-2023-22615 json | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt ... | 8.4 - HIGH | 2023-04-11 | 2023-08-14 |
| CVE-2023-22614 json | An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validat... | 8.8 - HIGH | 2023-04-11 | 2023-08-14 |
| CVE-2023-22613 json | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-c... | 8.8 - HIGH | 2023-04-11 | 2023-08-14 |
| CVE-2023-22612 json | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde... | 8.8 - HIGH | 2023-04-11 | 2023-08-14 |
| CVE-2022-36448 json | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in t... | 8.2 - HIGH | 2022-09-28 | 2023-08-08 |
| CVE-2022-36338 json | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver FwBlo... | 8.2 - HIGH | 2022-09-23 | 2022-09-27 |
| CVE-2022-36337 json | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxCon... | 8.2 - HIGH | 2022-11-23 | 2022-11-30 |
| CVE-2022-35897 json | An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel... | 6.8 - MEDIUM | 2022-11-21 | 2022-11-30 |