Insyde's Security Pledge
Recent Security Advisories
![](https://www.insyde.com/wp-content/uploads/abstract-3.jpg)
INSYDE-SA-2022040
Product
CVSS Score
Original Date
Last Revised
InsydeH2O
7.7
2022-11-04
Summary
Stack buffer overflow vulnerability leads to arbitrary code execution.
Vulnerability Details
CVSS Vector: CVSS3.1:AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
This issue affects the SetupUtility driver of InsydeH2O in releases supporting specific chipsets. The issue was discovered by the Binarly efiXplorer team. This issue is fixed in various InsydeH2O chipset versions.
Solution Information
Acknowledgements
Revision History
Revision #
Date
Description
1
2022-11-04
Initial Release