系微安全保證
最新安全公告
Security Advisory Archives
BIOS & BMC
InsydeH2O | 2022年09月21日 : SA-2022031
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022031 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H | 7.5 |
InsydeH2O | 2022年09月21日 : SA-2022030
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022030 | SMM memory leak vulnerability in SMM driver (SMRAM read) in InsydeH2O. | 6.0 |
InsydeH2O | 2022年09月21日 : SA-2022029
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022029 | SMM callout vulnerability in SMM driver (SMM arbitrary code execution) in InsydeH2O. | 7.5 |
InsydeH2O | 2022年07月5日 : SA-2022028
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022028 | Some versions of InsydeH2O use the FreeType tools to embed fonts into the BIOS. InsydeH2O does not use the FreeType API at runtime and usage during build time does not produce a vulnerability in the BIOS. | 3.6 |
InsydeH2O | 2022年02月21日 : SA-2022027
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022027 | User and administrator password hashes are exposed in runtime UEFI variables, leading to escalation of privilege. | 6.5 |
InsydeH2O | 2022年02月21日 : SA-2022026
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022026 | Error in handling the PlatformLangCodes UEFI variable could cause a buffer overflow, leading to resource exhaustion and failure. | 6.7 |
InsydeH2O | 2022年02月21日 : SA-2022025
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022025 | HDD password is stored in plaintext. | 7.8 |
InsydeH2O | 2022年02月1日 : SA-2022024
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022024 | An unsafe pointer vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler. An attacker can use this unsafe pointer "current_ptr" to read or write or manipulate data into SMRAM. Exploitation of this vulnerability can lead to escalation of privileges reserved only for SMM using the SwSMI handler. | 8.2 |
InsydeH2O | 2022年02月1日 : SA-2022023
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022023 | An unsafe pointer vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler. An attacker can use this unsafe pointer "ptr" to read or write or manipulate data in the SMRAM. Exploitation of this vulnerability can lead to escalation of privileges reserved only for SMM using the SwSMI handler. | 8.2 |
InsydeH2O | 2022年02月1日 : SA-2022022
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022022 | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution. | 8.2 |
InsydeH2O | 2022年02月1日 : SA-2022021
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022021 | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution. | 8.2 |
InsydeH2O | 2022年02月1日 : SA-2022020
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022020 | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated table variable EFI_BOOT_SERVICES. This can be used by an attacker to overwrite address location of any of the functions (FreePool,LocateHandleBuffer,HandleProtocol) to the address location of arbitrary code controlled by the attacker. On system call to SWSMI handler, the arbitrary code can be triggered to execute. | 8.2 |