Insyde InsydeH2O is a C source from Insyde Software (Taiwan, China) that implements the new technology “EFI/UEFI” specification, designed to replace the legacy BIOS (Basic Input/Output System). The vulnerability can be exploited to read or write or manipulate data to SMRAM, resulting in an escalation of privileges reserved for SMM using the SwSMI handler.