系微安全保證
最新安全公告
Security Advisory Archives
BIOS & BMC
InsydeH2O | 2023年02月14日 : SA-2023001
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2023001 | DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges. | 8.2 |
InsydeH2O | 2023年02月14日 : SA-2023015
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2023015 | DMA attacks on the NvmExpressDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges. | 7.8 |
InsydeH2O | 2023年02月14日 : SA-2023014
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2023014 | DMA attacks on the SdMmcDevice shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges. | 7.8 |
InsydeH2O | 2023年02月14日 : SA-2023013
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2023013 | DMA attacks on the SdHostDriver shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges. | 7.8 |
InsydeH2O | 2023年02月14日 : SA-2023010
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2023010 | DMA attacks on the IdeBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges. | 7.5 |
InsydeH2O | 2023年02月14日 : SA-2023001
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2023001 | DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges. | 8.2 |
InsydeH2O | 2022年11月14日 : SA-2022065
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022065 | Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. | 7.2 |
InsydeH2O | 2022年11月14日 : SA-2022064
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022064 | Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. | 8.2 |
InsydeH2O | 2022年11月14日 : SA-2022063
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022063 | In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges. | 7.5 |
InsydeH2O | 2022年11月14日 : SA-2022062
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022062 | Use of an untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. | 7.5 |
InsydeH2O | 2022年11月14日 : SA-2020061
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2020061 | Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. | 7.5 |
InsydeH2O | 2022年11月14日 : SA-2022060
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022060 | Incorrect pointer checks within the FwBlockServiceSmm driver can allow arbitrary RAM modifications. | 7.5 |