VYPR

Vendor CVEs

Insyde

All CVEs

97 total · sorted by risk
  • CVE-2023-39281CriNov 1, 2023
    risk 0.64cvss 9.8epss 0.00

    A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.

  • CVE-2021-41842CriJan 6, 2022
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH2O. Code execution can occur because the SMI handler lacks a CommBuffer check.

  • CVE-2020-5955CriNov 3, 2021
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. A caller may be able to escalate privileges.

  • CVE-2023-22613HigApr 11, 2023
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption.

  • CVE-2023-22614HigApr 11, 2023
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler.

  • CVE-2023-22612HigApr 11, 2023
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM.

  • CVE-2024-33228HigMay 22, 2024
    risk 0.55cvss 8.4epss 0.00

    An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

  • CVE-2023-22615HigApr 11, 2023
    risk 0.55cvss 8.4epss 0.00

    An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite…

  • CVE-2022-36337HigNov 23, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code.

  • CVE-2022-30772HigNov 15, 2022
    risk 0.53cvss 8.2epss 0.00

    Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by…

  • CVE-2022-29275HigNov 15, 2022
    risk 0.53cvss 8.2epss 0.00

    In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21…

  • CVE-2022-36448HigSep 28, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver.

  • CVE-2022-35893HigSep 23, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

  • CVE-2022-36338HigSep 23, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver FwBlockServiceSmm, creating SMM, leads to arbitrary code execution. An attacker can replace the pointer to the UEFI boot service GetVariable with a pointer to…

  • CVE-2022-35408HigSep 22, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possible arbitrary code execution in SMM and escalation of privileges. An attacker could overwrite the function pointers in the…

  • CVE-2022-35895HigSep 21, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code…

  • CVE-2022-24031HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in NvmExpressDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

  • CVE-2021-43615HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in HddPassword in Insyde InsydeH2O with kernel 5.1 before 05.16.23, 5.2 before 05.26.23, 5.3 before 05.35.23, 5.4 before 05.43.22, and 5.5 before 05.51.22. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to…

  • CVE-2021-43323HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 before 05.51.45, 5.4 before 05.43.45, 5.3 before 05.35.45, 5.2 before 05.26.45, 5.1 before 05.16.45, and 5.0 before 05.08.45. An SMM callout vulnerability allows an attacker to hijack execution flow of…

  • CVE-2021-42554HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. An SMM memory corruption vulnerability in…

  • CVE-2021-42113HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in StorageSecurityCommandDxe in Insyde InsydeH2O with Kernel 5.1 before 05.14.28, Kernel 5.2 before 05.24.28, and Kernel 5.3 before 05.32.25. An SMM callout vulnerability allows an attacker to hijack execution flow of code running in System Management…

  • CVE-2021-42060HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in Insyde InsydeH2O Kernel 5.0 through 05.08.41, Kernel 5.1 through 05.16.41, Kernel 5.2 before 05.23.22, and Kernel 5.3 before 05.32.22. An Int15ServiceSmm SMM callout vulnerability allows an attacker to hijack execution flow of code running in System…

  • CVE-2021-41841HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control…

  • CVE-2021-41840HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted…

  • CVE-2021-41839HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to…

  • CVE-2021-41838HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimum Check.

  • CVE-2021-41837HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to…

  • CVE-2021-33627HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate() function of the…

  • CVE-2022-24069HigFeb 3, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. An SMM callout vulnerability allows an attacker to hijack the execution flow of…

  • CVE-2021-45971HigJan 6, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler…

  • CVE-2021-45970HigJan 5, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that…

  • CVE-2021-45969HigJan 5, 2022
    risk 0.53cvss 8.2epss 0.00

    An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler…

  • CVE-2023-39283HigNov 2, 2023
    risk 0.51cvss 7.8epss 0.00

    An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation.

  • CVE-2023-34195HigSep 18, 2023
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in SystemFirmwareManagementRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The implementation of the GetImage method retrieves the value of a runtime variable named GetImageProgress, and later uses this value as a function pointer. This…

  • CVE-2023-22616HigApr 12, 2023
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM.

  • CVE-2022-35407HigNov 22, 2022
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable…

  • CVE-2022-34325HigNov 14, 2022
    risk 0.51cvss 7.8epss 0.00

    DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the…

  • CVE-2019-12532HigAug 26, 2019
    risk 0.51cvss 7.8epss 0.00

    Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version…

  • CVE-2025-4410HigAug 13, 2025
    risk 0.49cvss 7.5epss 0.00

    A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local privileged access can exploit this vulnerability by executeing arbitrary code.

  • CVE-2025-4277HigAug 13, 2025
    risk 0.49cvss 7.5epss 0.00

    Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.

  • CVE-2025-4276HigAug 13, 2025
    risk 0.49cvss 7.5epss 0.00

    UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.

  • CVE-2023-31041HigAug 14, 2023
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure.

  • CVE-2022-30283HigNov 15, 2022
    risk 0.49cvss 7.5epss 0.00

    In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a working…

  • CVE-2022-24030HigFeb 3, 2022
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

  • CVE-2021-33625HigFeb 3, 2022
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS…

  • CVE-2020-5953HigFeb 3, 2022
    risk 0.49cvss 7.5epss 0.00

    A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution…

  • CVE-2021-43522HigFeb 3, 2022
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 2021-11-08, 5.2 through 2021-11-08, and 5.3 through 2021-11-08. A StorageSecurityCommandDxe SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this…

  • CVE-2020-5956HigJan 5, 2022
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer.

  • CVE-2024-27353HigMay 15, 2024
    risk 0.48cvss 7.4epss 0.00

    A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM.

  • CVE-2021-33834HigSep 8, 2023
    risk 0.46cvss 7.1epss 0.00

    An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash.

Page 1 of 2