Insydeh2o

insydeh2o

Vendor: Insyde • 66 CVEs

CVEs (66)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-41842 1Insyde 1Insydeh2o Nov 21, 2024 Jan 6, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH2O. Code execution c...Show more An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH2O. Code execution can occur because the SMI handler lacks a CommBuffer check.Show less
CVE-2021-45970 1Insyde 1Insydeh2o Nov 4, 2025 Jan 5, 2022 N/A· v4 8.2 HIGH· v3 7.2 HIGH· v2 An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System...Show more An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the status code saved at the CommBuffer+4 location).Show less
CVE-2021-45969 1Insyde 1Insydeh2o Nov 4, 2025 Jan 5, 2022 N/A· v4 8.2 HIGH· v3 7.2 HIGH· v2 An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System...Show more An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the CommBuffer+8 location).Show less
CVE-2020-5956 1Insyde 1Insydeh2o Nov 21, 2024 Jan 5, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input beca...Show more An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer.Show less
CVE-2021-33626 2Insyde Siemens 17Insydeh2o Ruggedcom Apr1808 FirmwareSimatic Field Pg M5 Firmware+14 more Nov 4, 2025 Oct 1, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an...Show more A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution.Show less
CVE-2020-27339 2Insyde Siemens 17Insydeh2o Ruggedcom Apr1808 FirmwareSimatic Field Pg M5 Firmware+14 more Nov 4, 2025 Jun 16, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for...Show more In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and SdMmcDeviceDxe drivers are 05.16.25, 05.26.25, 05.35.25, 05.43.25, and 05.51.25 (for Kernel 5.1 through 5.5).Show less

Previous 1 2 34