← Back

CVE-2023-39281

nvd nist
Published: Nov 1, 2023Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.

Affected (11)

Products: Insyde: Insydeh2o
Insyde
1 product
Insydeh2o
Configuration A
1 vulnerable · 100 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.45.24.0039
Running on/withPlatform Versions
Intel
B760
All versions
Intel
C262
All versions
Intel
C266
All versions
Intel
Core I3 1305u
All versions
Intel
Core I3 13100
All versions
Intel
Core I3 13100e
All versions
Intel
Core I3 13100f
All versions
Intel
Core I3 13100t
All versions
Intel
Core I3 13100te
All versions
Intel
Core I3 1315u
All versions
Intel
Core I3 1315ue
All versions
Intel
Core I3 1315ure
All versions
Intel
Core I3 1320pe
All versions
Intel
Core I3 1320pre
All versions
Intel
Core I3 13300he
All versions
Intel
Core I3 13300hre
All versions
Intel
Core I5 1334u
All versions
Intel
Core I5 1335u
All versions
Intel
Core I5 1335ue
All versions
Intel
Core I5 13400
All versions
Intel
Core I5 13400e
All versions
Intel
Core I5 13400f
All versions
Intel
Core I5 13400t
All versions
Intel
Core I5 1340p
All versions
Intel
Core I5 1340pe
All versions
Intel
Core I5 13420h
All versions
Intel
Core I5 13450hx
All versions
Intel
Core I5 1345u
All versions
Intel
Core I5 1345ue
All versions
Intel
Core I5 1345ure
All versions
Intel
Core I5 13500
All versions
Intel
Core I5 13500e
All versions
Intel
Core I5 13500h
All versions
Intel
Core I5 13500hx
All versions
Intel
Core I5 13500t
All versions
Intel
Core I5 13500te
All versions
Intel
Core I5 13505h
All versions
Intel
Core I5 1350p
All versions
Intel
Core I5 1350pe
All versions
Intel
Core I5 1350pre
All versions
Intel
Core I5 13600
All versions
Intel
Core I5 13600h
All versions
Intel
Core I5 13600he
All versions
Intel
Core I5 13600hre
All versions
Intel
Core I5 13600hx
All versions
Intel
Core I5 13600k
All versions
Intel
Core I5 13600kf
All versions
Intel
Core I5 13600t
All versions
Intel
Core I5 14600k
All versions
Intel
Core I5 14600kf
All versions
Intel
Core I7 1355u
All versions
Intel
Core I7 1360p
All versions
Intel
Core I7 13620h
All versions
Intel
Core I7 13650hx
All versions
Intel
Core I7 1365u
All versions
Intel
Core I7 1365ue
All versions
Intel
Core I7 1365ure
All versions
Intel
Core I7 1366ure
All versions
Intel
Core I7 13700
All versions
Intel
Core I7 13700e
All versions
Intel
Core I7 13700f
All versions
Intel
Core I7 13700h
All versions
Intel
Core I7 13700hx
All versions
Intel
Core I7 13700k
All versions
Intel
Core I7 13700kf
All versions
Intel
Core I7 13700t
All versions
Intel
Core I7 13700te
All versions
Intel
Core I7 13705h
All versions
Intel
Core I7 1370p
All versions
Intel
Core I7 1370pe
All versions
Intel
Core I7 1370pre
All versions
Intel
Core I7 1375pre
All versions
Intel
Core I7 13800h
All versions
Intel
Core I7 13800he
All versions
Intel
Core I7 13800hre
All versions
Intel
Core I7 13850hx
All versions
Intel
Core I7 14700k
All versions
Intel
Core I7 14700kf
All versions
Intel
Core I9 13900
All versions
Intel
Core I9 13900e
All versions
Intel
Core I9 13900f
All versions
Intel
Core I9 13900h
All versions
Intel
Core I9 13900hk
All versions
Intel
Core I9 13900hx
All versions
Intel
Core I9 13900k
All versions
Intel
Core I9 13900kf
All versions
Intel
Core I9 13900ks
All versions
Intel
Core I9 13900t
All versions
Intel
Core I9 13900te
All versions
Intel
Core I9 13905h
All versions
Intel
Core I9 13950hx
All versions
Intel
Core I9 13980hx
All versions
Intel
Core I9 14900k
All versions
Intel
Core I9 14900kf
All versions
Intel
H770
All versions
Intel
Hm770
All versions
Intel
U300
All versions
Intel
U300e
All versions
Intel
Wm790
All versions
Intel
Z790
All versions
Configuration B
1 vulnerable · 10 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.44.45.0017
Running on/withPlatform Versions
Intel
Atom X7211e
All versions
Intel
Atom X7213e
All versions
Intel
Atom X7425e
All versions
Intel
Core I3 N300
All versions
Intel
Core I3 N305
All versions
Intel
N100
All versions
Intel
N200
All versions
Intel
N50
All versions
Intel
N95
All versions
Intel
N97
All versions
Configuration C
1 vulnerable · 65 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.44.34.0055
Running on/withPlatform Versions
Intel
Celeron 7300
All versions
Intel
Celeron 7305
All versions
Intel
Celeron G6900
All versions
Intel
Celeron G6900t
All versions
Intel
Core I3 12100
All versions
Intel
Core I3 12100f
All versions
Intel
Core I3 12100t
All versions
Intel
Core I3 1210u
All versions
Intel
Core I3 1215u
All versions
Intel
Core I3 1220p
All versions
Intel
Core I3 12300
All versions
Intel
Core I3 12300t
All versions
Intel
Core I5 1230u
All versions
Intel
Core I5 1235u
All versions
Intel
Core I5 12400
All versions
Intel
Core I5 12400f
All versions
Intel
Core I5 12400t
All versions
Intel
Core I5 1240p
All versions
Intel
Core I5 1240u
All versions
Intel
Core I5 12450h
All versions
Intel
Core I5 12450hx
All versions
Intel
Core I5 1245u
All versions
Intel
Core I5 12490f
All versions
Intel
Core I5 12500
All versions
Intel
Core I5 12500h
All versions
Intel
Core I5 12500t
All versions
Intel
Core I5 1250p
All versions
Intel
Core I5 12600
All versions
Intel
Core I5 12600h
All versions
Intel
Core I5 12600hx
All versions
Intel
Core I5 12600k
All versions
Intel
Core I5 12600kf
All versions
Intel
Core I5 12600t
All versions
Intel
Core I7 1250u
All versions
Intel
Core I7 1255u
All versions
Intel
Core I7 1260p
All versions
Intel
Core I7 1260u
All versions
Intel
Core I7 12650h
All versions
Intel
Core I7 12650hx
All versions
Intel
Core I7 1265u
All versions
Intel
Core I7 12700
All versions
Intel
Core I7 12700f
All versions
Intel
Core I7 12700h
All versions
Intel
Core I7 12700k
All versions
Intel
Core I7 12700kf
All versions
Intel
Core I7 12700t
All versions
Intel
Core I7 1270p
All versions
Intel
Core I7 12800h
All versions
Intel
Core I7 12800hx
All versions
Intel
Core I7 1280p
All versions
Intel
Core I7 12850hx
All versions
Intel
Core I9 12900
All versions
Intel
Core I9 12900f
All versions
Intel
Core I9 12900h
All versions
Intel
Core I9 12900hk
All versions
Intel
Core I9 12900hx
All versions
Intel
Core I9 12900k
All versions
Intel
Core I9 12900kf
All versions
Intel
Core I9 12900ks
All versions
Intel
Core I9 12900t
All versions
Intel
Core I9 12950hx
All versions
Intel
Pentium 8500
All versions
Intel
Pentium 8505
All versions
Intel
Pentium Gold G7400
All versions
Intel
Pentium Gold G7400t
All versions
Configuration D
1 vulnerable · 19 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.53.28.0013
Running on/withPlatform Versions
Amd
Ryzen 3 7440u
All versions
Amd
Ryzen 5 7540u
All versions
Amd
Ryzen 5 7545u
All versions
Amd
Ryzen 5 7640h
All versions
Amd
Ryzen 5 7640u
All versions
Amd
Ryzen 5 Pro 7640hs
All versions
Amd
Ryzen 7 7840h
All versions
Amd
Ryzen 7 7840u
All versions
Amd
Ryzen 7 Pro 7840hs
All versions
Amd
Ryzen 9 7940h
All versions
Amd
Ryzen 9 7940hs
All versions
Amd
Ryzen 9 Pro 7940hs
All versions
Amd
Ryzen Z1
All versions
Amd
Ryzen Z1 Extreme
All versions
Amd
V314
All versions
Amd
V3c16
All versions
Amd
V3c18
All versions
Amd
V3c44
All versions
Amd
V3c48
All versions
Configuration E
1 vulnerable · 11 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.45.38.0005
Running on/withPlatform Versions
Intel
Celeron 7305l
All versions
Intel
Core I3 1215ul
All versions
Intel
Core I3 12300hl
All versions
Intel
Core I5 1235ul
All versions
Intel
Core I5 1245ul
All versions
Intel
Core I5 12500hl
All versions
Intel
Core I5 12600hl
All versions
Intel
Core I7 1255ul
All versions
Intel
Core I7 1265ul
All versions
Intel
Core I7 12700hl
All versions
Intel
Core I7 12800hl
All versions
Configuration F
1 vulnerable · 7 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.53.23.0011
Running on/withPlatform Versions
Amd
Ryzen 7 7645hx
All versions
Amd
Ryzen 7 7745hx
All versions
Amd
Ryzen 7 7840hx
All versions
Amd
Ryzen 9 7645hx3d
All versions
Amd
Ryzen 9 7845hx
All versions
Amd
Ryzen 9 7940hx
All versions
Amd
Ryzen 9 7945hx
All versions
Configuration G
1 vulnerable · 4 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.53.23.0014
Running on/withPlatform Versions
Amd
Athlon Gold 7220u
All versions
Amd
Athlon Silver 7120u
All versions
Amd
Ryzen 3 7320u
All versions
Amd
Ryzen 5 7520u
All versions
Configuration H
1 vulnerable · 14 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.53.22.0008
Running on/withPlatform Versions
Amd
Ryzen 5 7500f
All versions
Amd
Ryzen 5 7600
All versions
Amd
Ryzen 5 7600x
All versions
Amd
Ryzen 5 Pro 7645
All versions
Amd
Ryzen 7 7700
All versions
Amd
Ryzen 7 7700x
All versions
Amd
Ryzen 7 7800x3d
All versions
Amd
Ryzen 7 Pro 7745
All versions
Amd
Ryzen 9 7900
All versions
Amd
Ryzen 9 7900x
All versions
Amd
Ryzen 9 7900x3d
All versions
Amd
Ryzen 9 7950x
All versions
Amd
Ryzen 9 7950x3d
All versions
Amd
Ryzen 9 Pro 7945
All versions
Configuration I
1 vulnerable · 16 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.44.30.0022
Running on/withPlatform Versions
Amd
Ryzen 3 7335u
All versions
Amd
Ryzen 5 6600h
All versions
Amd
Ryzen 5 6600hs
All versions
Amd
Ryzen 5 6600u
All versions
Amd
Ryzen 5 7535hs
All versions
Amd
Ryzen 5 7535u
All versions
Amd
Ryzen 7 6800h
All versions
Amd
Ryzen 7 6800hs
All versions
Amd
Ryzen 7 6800u
All versions
Amd
Ryzen 7 7735hs
All versions
Amd
Ryzen 7 7735u
All versions
Amd
Ryzen 7 7736u
All versions
Amd
Ryzen 9 6900hs
All versions
Amd
Ryzen 9 6900hx
All versions
Amd
Ryzen 9 6980hs
All versions
Amd
Ryzen 9 6980hx
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.43.06.0021
Running on/withPlatform Versions
Amd
Van Gogh 0405
All versions
Configuration K
1 vulnerable · 31 platform
Vulnerable SoftwareAffected Versions
Insydeh2o
Version 05.42.37.0031
Running on/withPlatform Versions
Amd
Ryzen3 5300u
All versions
Amd
Ryzen 3 5100
All versions
Amd
Ryzen 3 5125c
All versions
Amd
Ryzen 3 5300g
All versions
Amd
Ryzen 3 5300ge
All versions
Amd
Ryzen 3 5400u
All versions
Amd
Ryzen 3 5425u
All versions
Amd
Ryzen 3 Pro 7330u
All versions
Amd
Ryzen 5 5500
All versions
Amd
Ryzen 5 5500h
All versions
Amd
Ryzen 5 5500u
All versions
Amd
Ryzen 5 5560u
All versions
Amd
Ryzen 5 5600g
All versions
Amd
Ryzen 5 5600ge
All versions
Amd
Ryzen 5 5600h
All versions
Amd
Ryzen 5 5600hs
All versions
Amd
Ryzen 5 5600u
All versions
Amd
Ryzen 5 5625u
All versions
Amd
Ryzen 5 Pro 7530u
All versions
Amd
Ryzen 7 5700
All versions
Amd
Ryzen 7 5700g
All versions
Amd
Ryzen 7 5700ge
All versions
Amd
Ryzen 7 5700u
All versions
Amd
Ryzen 7 5800h
All versions
Amd
Ryzen 7 5800hs
All versions
Amd
Ryzen 7 5800u
All versions
Amd
Ryzen 7 5825u
All versions
Amd
Ryzen 7 Pro 7730u
All versions
Amd
Ryzen 9 5900hs
All versions
Amd
Ryzen 9 5900hx
All versions
Amd
Ryzen 9 5980hs
All versions

Related CWEs

CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.