Lucene search
China National Vulnerability DatabaseCNVD-2022-10275HistoryFeb 09, 2022 - 12:00 a.m.
Insyde InsydeH2O Buffer Overflow Vulnerability (CNVD-2022-10275)
2022-02-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
0.0004 Low
EPSS
Percentile
12.6%
Insyde InsydeH2O is a C source from Insyde Software (Taiwan, China) that implements the new technology “EFI/UEFI” specification, designed to replace the legacy BIOS (Basic Input/Output System). Operating System (H2O) UEFI firmware has a buffer overflow vulnerability that can be exploited to write fixed or predictable data to SMRAM.
| CPE | Name | Operator | Version |
|---|---|---|---|
| insyde ahcibusdxe | eq | 05.14.34 | |
| insyde ahcibusdxe | eq | 05.24.34 | |
| insyde ahcibusdxe | eq | 05.33.34 |
Related
nvd
nvd
CVE-2021-43522
2022-02-03 00:15:07
nessus
nessus
Siemens InsydeH2O Out-of-bounds Write (CVE-2021-43522)
2023-09-26 00:00:00
prion
prion
Memory corruption
2022-02-03 00:15:00
cvelist
cvelist
CVE-2021-43522
2022-02-02 23:41:09
cve
cve
CVE-2021-43522
2022-02-03 00:15:07
cert
cert
InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM
2022-02-01 00:00:00
f5
f5
K45810018 : Multiple Insyde BIOS/EFI vulnerabilities
2022-02-15 00:00:00