INSYDE-SA-2023034

Product: InsydeH2O
CVSS Score: 6.1
Original Date: 2023-06-13
Last Revised:

Summary

Insyde Setup EFI Variable Lock Bypass Vulnerability.

Vulnerability Details

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N

CVE-2023-26090

An architectural flaw exists in how the InsydeH2O UEFI code handles configuring UEFI NVRAM variables. From an EFI Shell, it is possible to edit memory in a way that allows a user to arbitrarily modify the Setup NVRAM variable, which in turn allows an attacker to enable manufacturer features. This is the security boundary that is bypassed in this vulnerability report.

Solution Information

Intel Mobile Platforms:
RPL: Version 05.45.11.0033
ADL-N: Version 05.44.45.0016
ADL: Version 05.44.34.0055
RKL: Version 05.42.52.0028
TGL: Version 05.43.12.0057
JSL: Version Tag 05.43.01.0026

Intel Server/Embedded Platforms:
Jacobsville(SNR): Version 05.37.13.0055
ElkhartLake: Version 05.45.07.0020
Alder Lake N: Version 05.45.07.0003

Acknowledgements

Insyde Software would like to thank Nicholas Starke from HPE for reporting the vulnerability and engaging in the coordinated disclosure.

Revision History

Revision #   Date         Description
1            2023-06-13   Initial Release