CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
9.0%
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash.
Vendor | Product | Version | CPE |
---|---|---|---|
insyde | h2offt | 6.20.00 | cpe:2.3:a:insyde:h2offt:6.20.00:*:*:*:*:*:*:* |
insyde | iscflashx64.sys | 3.9.3.0 | cpe:2.3:a:insyde:iscflashx64.sys:3.9.3.0:*:*:*:*:*:*:* |