📦 InsydeH2O

by Insyde

⚠️ Known Vulnerabilities

CVE-2023-39281

CRITICAL CVSS 9.8 Nov 1, 2023

This vulnerability allows attackers to execute arbitrary code during the DXE phase of system boot by exploiting a stack buffer overflow in AsfSecureBootDxe. It affects systems running Insyde InsydeH2O...

CVE-2021-41842

CRITICAL CVSS 9.8 Jan 6, 2022

This vulnerability in Insyde InsydeH2O UEFI firmware allows arbitrary code execution at SMM (System Management Mode) privilege level due to missing CommBuffer validation in the AtaLegacySmm SMI handle...

CVE-2024-55567

HIGH CVSS 7.5 Jun 12, 2025

This vulnerability allows attackers to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level due to improper input validation in UsbCoreDxe. It affects systems running Insyde Ins...

CVE-2024-52878

HIGH CVSS 7.5 May 15, 2025

This CVE describes a buffer over-read vulnerability in InsydeH2O UEFI firmware's VariableRuntimeDxe driver. Attackers could exploit this to read sensitive memory contents, potentially leading to infor...

CVE-2024-25079

HIGH CVSS 7.4 May 15, 2024

This CVE describes a memory corruption vulnerability in the HddPassword component of Insyde InsydeH2O UEFI firmware kernels. Successful exploitation could allow an attacker to escalate privileges with...

CVE-2023-34195

HIGH CVSS 7.8 Sep 18, 2023

This vulnerability allows arbitrary code execution during the DXE phase of the UEFI boot process in InsydeH2O firmware. Attackers can set a UEFI variable from the operating system to point to malicious co...

CVE-2023-22616

HIGH CVSS 7.8 Apr 12, 2023

This vulnerability in Insyde InsydeH2O UEFI firmware allows attackers to corrupt System Management RAM (SMRAM) due to insufficient validation of save state register values. Attackers with local access...

CVE-2023-22613

HIGH CVSS 8.8 Apr 11, 2023

This vulnerability allows attackers to write to arbitrary memory addresses in System Management Mode (SMM) by providing malformed pointers to SMI handlers. It affects systems running Insyde InsydeH2O ...

CVE-2023-22614

HIGH CVSS 8.8 Apr 11, 2023

This vulnerability allows attackers to exploit insufficient input validation in BIOS Guard updates within InsydeH2O firmware, leading to memory corruption in System Management Mode (SMM). Attackers ca...

CVE-2022-32477

HIGH CVSS 7.0 Feb 15, 2023

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on a shared buffer between SMM and non-SMM code, creating a TOCTOU race condition. Attackers could corrupt SMRAM and escalate privile...

CVE-2022-32469

HIGH CVSS 7.0 Feb 15, 2023

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on the PnpSmm shared buffer, creating TOCTOU race conditions that can corrupt SMRAM and lead to privilege escalation. It affects syst...

CVE-2022-32473

HIGH CVSS 7.0 Feb 15, 2023

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on the HddPassword shared buffer, creating TOCTOU race conditions that can corrupt SMRAM and lead to privilege escalation. It affects...

CVE-2022-32953

HIGH CVSS 7.0 Feb 15, 2023

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on the SdHostDriver buffer, creating TOCTOU race conditions that can corrupt SMRAM and lead to privilege escalation. It affects syste...

CVE-2022-32478

HIGH CVSS 7.0 Feb 15, 2023

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on a shared buffer between SMM and non-SMM code, creating a TOCTOU race condition. Attackers could corrupt SMRAM and escalate privile...

CVE-2022-32471

HIGH CVSS 7.0 Feb 15, 2023

This vulnerability in InsydeH2O firmware allows attackers with local access to potentially escalate privileges or corrupt data by exploiting a time-of-check-time-of-use (TOCTOU) race condition in the ...

CVE-2022-32955

HIGH CVSS 7.0 Feb 15, 2023

This vulnerability in Insyde InsydeH2O firmware allows DMA attacks on the NvmExpressDxe buffer, creating TOCTOU race conditions that can corrupt SMRAM and lead to privilege escalation. It affects syst...

CVE-2021-41838

HIGH CVSS 8.2 Feb 3, 2022

This vulnerability allows attackers to access System Management Mode (SMM) and execute arbitrary code in Insyde InsydeH2O UEFI firmware. It affects systems with InsydeH2O firmware versions containing ...

CVE-2021-41840

HIGH CVSS 8.2 Feb 3, 2022

This vulnerability in Insyde InsydeH2O UEFI firmware allows attackers to execute arbitrary code in System Management Mode (SMM) through an SMM callout vulnerability in the NvmExpressDxe driver. It aff...

CVE-2021-42060

HIGH CVSS 8.2 Feb 3, 2022

This vulnerability allows attackers to hijack execution flow in System Management Mode (SMM) through an Int15ServiceSmm callout. Exploitation could lead to privilege escalation to SMM, giving attacker...

CVE-2021-43615

HIGH CVSS 8.2 Feb 3, 2022

This vulnerability allows attackers to write predictable data to SMRAM (System Management Mode RAM) in Insyde InsydeH2O UEFI firmware, potentially escalating privileges to SMM (System Management Mode)...

CVE-2021-42554

HIGH CVSS 8.2 Feb 3, 2022

This vulnerability allows attackers to write predictable data to SMRAM (System Management Mode RAM) through a memory corruption flaw in InsydeH2O firmware's FvbServicesRuntimeDxe component. Successful...

CVE-2022-24031

HIGH CVSS 8.2 Feb 3, 2022

This vulnerability allows an attacker to write predictable data to SMRAM (System Management Mode RAM) in Insyde InsydeH2O UEFI firmware, potentially leading to privilege escalation to SMM (System Mana...

CVE-2021-33627

HIGH CVSS 8.2 Feb 3, 2022

This vulnerability in Insyde InsydeH2O Kernel allows attackers to use invalid buffer addresses with the EFI_SMM_COMMUNICATION_PROTOCOL Communicate() function, potentially accessing SMRAM, MMIO, or OS ...

CVE-2020-5953

HIGH CVSS 7.5 Feb 3, 2022

This vulnerability allows attackers to execute arbitrary code in System Management Mode (SMM) by exploiting a flaw in InsydeH2O UEFI firmware's System Management Interrupt handler. Successful exploita...

CVE-2021-43522

HIGH CVSS 7.5 Feb 3, 2022

This vulnerability in Insyde InsydeH2O UEFI firmware allows attackers to write predictable data to SMRAM (System Management RAM) through a memory corruption flaw in StorageSecurityCommandDxe. Exploita...

CVE-2021-45970

HIGH CVSS 8.2 Jan 5, 2022

This vulnerability in Insyde InsydeH2O firmware's System Management Mode (SMM) allows attackers with local access to execute arbitrary code with SMM privileges by exploiting insufficient buffer pointe...

CVE-2020-5956

HIGH CVSS 7.5 Jan 5, 2022

This vulnerability in Insyde InsydeH2O firmware's SdLegacySmm SMI handler allows attackers to execute arbitrary code with System Management Mode (SMM) privileges by exploiting insufficient input valid...

CVE-2021-33626

HIGH CVSS 7.8 Oct 1, 2021

This vulnerability allows attackers to corrupt SMRAM memory through insufficient validation of buffer pointers in SMM SWSMI handlers, potentially leading to arbitrary code execution. It affects system...