Lucene search
China National Vulnerability DatabaseCNVD-2022-10276HistoryFeb 09, 2022 - 12:00 a.m.
Insyde InsydeH2O permission permission and access control issues vulnerability (CNVD-2022-10276)
2022-02-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
22.1%
Insyde InsydeH2O is a C source from Insyde Software (Taiwan, China) that implements the new technology “EFI/UEFI” specification, designed to replace the legacy BIOS (Basic Input/Output System). Operating System (H2O) UEFI firmware is vulnerable to permission and access control issues, which can be exploited to hijack the execution flow of code running in system management mode.
Related
nessus
nessus
Siemens InsydeH2O SMM Privilege Escalation (CVE-2021-43323)
2023-09-26 00:00:00
prion
prion
Code injection
2022-02-03 02:15:00
cve
cve
CVE-2021-43323
2022-02-03 02:15:07
cvelist
cvelist
CVE-2021-43323
2022-02-03 01:50:01
nvd
nvd
CVE-2021-43323
2022-02-03 02:15:07
f5
f5
K45810018 : Multiple Insyde BIOS/EFI vulnerabilities
2022-02-15 00:00:00
cert
cert
InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM
2022-02-01 00:00:00