Insyde's Security Pledge

Recent Security Advisories

INSYDE-SA-2025006

Product

CVSS Score

Original Date

Last Revised

InsydeH2O

See in Description

2025-08-12

Summary

Secure Boot Forbidden Signature Database, dbx, update.

Vulnerability Details

CVSS Vector: See in Description

Update Secure Boot dbx which addresses following vulnerability

1. CVE-2025-3052
CVSS: 8.2; CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description: An arbitrary write vulnerability in a signed UEFI firmware allows for SecureBoot bypass.

Solution Information

Kernel 5.2, Version 05.2A.24
Kernel 5.3, Version 05.39.24
Kernel 5.4, Version 05.47.24
Kernel 5.5, Version 05.55.24
Kernel 5.6, Version 05.62.24
Kernel 5.7, Version 05.71.24

Acknowledgements

Revision History

Revision #

Date

Description

2025-08-12

Initial Release

< Back to Security Pledge