Lucene search
China National Vulnerability DatabaseCNVD-2022-10277HistoryFeb 09, 2022 - 12:00 a.m.
Insyde InsydeH2O Buffer Overflow Vulnerability (CNVD-2022-10277)
2022-02-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.0004 Low
EPSS
Percentile
5.1%
Insyde InsydeH2O is a C source from Insyde Software (Taiwan, China) that implements the new technology “EFI/UEFI” specification, designed to replace the legacy BIOS (Basic Input/Output System). Operating System (H2O) UEFI firmware suffers from a buffer overflow vulnerability that could be exploited by an attacker to write fixed or predictable data to SMRAM.
Related
prion
prion
Memory corruption
2022-02-03 02:15:00
cvelist
cvelist
CVE-2021-42554
2022-02-03 01:40:56
nessus
nessus
Siemens InsydeH2O Out-of-bounds Write (CVE-2021-42554)
2023-09-26 00:00:00
nvd
nvd
CVE-2021-42554
2022-02-03 02:15:07
cve
cve
CVE-2021-42554
2022-02-03 02:15:07
f5
f5
K45810018 : Multiple Insyde BIOS/EFI vulnerabilities
2022-02-15 00:00:00
cert
cert
InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM
2022-02-01 00:00:00