Search Insyde.com

系微安全保證

最新安全公告

Security Advisory Archives

BIOS & BMC

InsydeH2O | 2023年04月10日 : SA-2023022

Link	Summary	CVSS Score
INSYDE-SA-2023022	IhisiServicesSmm: Save State Register Not Checked Before Use.	6.4

InsydeH2O | 2023年04月10日 : SA-2023023

Link	Summary	CVSS Score
INSYDE-SA-2023023	IhisiServicesSmm: Write To Attacker Controlled Address.	7.3

InsydeH2O | 2023年04月10日 : SA-2023024

Link	Summary	CVSS Score
INSYDE-SA-2023024	[EDK2] MdeModulePkg/PiSmmCore: SmmEntryPoint underflow.	8.2

InsydeH2O | 2023年04月10日 : SA-2023025

Link	Summary	CVSS Score
INSYDE-SA-2023025	[EDK2] NetworkPkg/IScsiDxe: remotely exploitable buffer overflows.	8.1

InsydeH2O | 2023年03月7日 : SA-2023017

Link	Summary	CVSS Score
INSYDE-SA-2023017	H2OSmmDebugPrintErrorLevelLib: Variable size is not initialized before calling GetVariable.	6.4

InsydeH2O | 2023年02月14日 : SA-2023009

Link	Summary	CVSS Score
INSYDE-SA-2023009	DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges.	8.2

InsydeH2O | 2023年02月14日 : SA-2023008

Link	Summary	CVSS Score
INSYDE-SA-2023008	DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges.	7.5

InsydeH2O | 2023年02月14日 : SA-2023007

Link	Summary	CVSS Score
INSYDE-SA-2023007	DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges.	8.2

InsydeH2O | 2023年02月14日 : SA-2023006

Link	Summary	CVSS Score
INSYDE-SA-2023006	DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges.	8.2

InsydeH2O | 2023年02月14日 : SA-2023005

Link	Summary	CVSS Score
INSYDE-SA-2023005	DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges.	8.2

InsydeH2O | 2023年02月14日 : SA-2023003

Link	Summary	CVSS Score
INSYDE-SA-2023003	DMA attacks on the IHISI command buffer could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges.	8.2

InsydeH2O | 2023年02月14日 : SA-2023002

Link	Summary	CVSS Score
INSYDE-SA-2023002	DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges	8.2

返回主要安全公告页面