Insyde Insydeh2o
66 CVEs affecting Insyde Insydeh2o. Latest disclosed: 2025-06-12. Critical: 2, High: 53.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-39281 | Critical | 9.8 | 2023-11-01 | A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code exe… |
CVE-2021-41842 | Critical | 9.8 | 2022-01-06 | An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46… |
CVE-2023-22613 | High | 8.8 | 2023-04-11 | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker cou… |
CVE-2023-22614 | High | 8.8 | 2023-04-11 | An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An atta… |
CVE-2023-22612 | High | 8.8 | 2023-04-11 | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed argume… |
CVE-2023-22615 | High | 8.4 | 2023-04-11 | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an add… |
CVE-2022-36448 | High | 8.2 | 2022-09-28 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the Pnp… |
CVE-2022-35893 | High | 8.2 | 2022-09-23 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an a… |
CVE-2022-36338 | High | 8.2 | 2022-09-23 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver FwBlockServiceSmm, creating SMM, leads… |
CVE-2022-35408 | High | 8.2 | 2022-09-22 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possibl… |
CVE-2022-35895 | High | 8.2 | 2022-09-21 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a softwar… |
CVE-2022-24031 | High | 8.2 | 2022-02-03 | An issue was discovered in NvmExpressDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fi… |
CVE-2021-43615 | High | 8.2 | 2022-02-03 | An issue was discovered in HddPassword in Insyde InsydeH2O with kernel 5.1 before 05.16.23, 5.2 before 05.26.23, 5.3 before 05.35.23, 5.4 before 05.43.22, and… |
CVE-2021-43323 | High | 8.2 | 2022-02-03 | An issue was discovered in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 before 05.51.45, 5.4 before 05.43.45, 5.3 before 05.35.45, 5.2 before 05.26.45, 5.1 b… |
CVE-2021-42554 | High | 8.2 | 2022-02-03 | An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42… |
CVE-2021-42113 | High | 8.2 | 2022-02-03 | An issue was discovered in StorageSecurityCommandDxe in Insyde InsydeH2O with Kernel 5.1 before 05.14.28, Kernel 5.2 before 05.24.28, and Kernel 5.3 before 05… |
CVE-2021-42060 | High | 8.2 | 2022-02-03 | An issue was discovered in Insyde InsydeH2O Kernel 5.0 through 05.08.41, Kernel 5.1 through 05.16.41, Kernel 5.2 before 05.23.22, and Kernel 5.3 before 05.32.2… |
CVE-2021-41841 | High | 8.2 | 2022-02-03 | An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System M… |
CVE-2021-41840 | High | 8.2 | 2022-02-03 | An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the Syste… |
CVE-2021-41839 | High | 8.2 | 2022-02-03 | An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory… |