VYPR

H2O UEFI Firmware

by Insyde

CVEs (1)

  • CVE-2020-5953HigFeb 3, 2022
    risk 0.49cvss 7.5epss 0.00

    A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution…