Insyde's Security Pledge
Recent Security Advisories

INSYDE-SA-2022031
Product
CVSS Score
Original Date
Last Revised
InsydeH2O
7.5
2022-09-21
Summary
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Details
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
This affects the UsbLegacyControlSmm driver of InsydeH2O. This issue was discovered by the Binarly efiXplorer team. This issue is fixed in InsydeH2O, versions:
Solution Information
Kernel 5.0 (issue IB02040690 in version 05.09.38)
Kernel 5.1 (issue IB02040690 in version 05.17.38)
Kernel 5.2 (issue IB02040690 in version 05.27.28)
Kernel 5.3 (issue IB02040690 in version 05.36.28)
Kernel 5.4 (issue IB02040690 in version 05.44.28)
Kernel 5.5 (issue IB02040690 in version 05.52.28)
Acknowledgements
Insyde Software would like to thank Binarly for reporting this issue.
Revision History
Revision #
Date
Description
1
2022-09-21
Initial Release