系微安全保證

最新安全公告

Security Advisory Archives

BIOS & BMC

Link
Summary
CVSS Score
INSYDE-SA-2022019A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated table variables EFI_BOOT_SERVICES and EFI_RUNTIME_SERVICES. This can be used by an attacker to overwrite address location of the function (LocateHandleBuffer) to the address location of arbitrary code controlled by the attacker. On system call to SWSMI handler, the arbitrary code can be triggered to execute.
8.2
Link
Summary
CVSS Score
INSYDE-SA-2022018A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated table variable EFI_BOOT_SERVICES. This allows an attacker who is capable of executing code in DXE phase to exploit this vulnerability to escalate privileges to SMM. The attacker can overwrite the LocateProtocol or Freepool memory address location to execute unwanted code .
7.5
Link
Summary
CVSS Score
INSYDE-SA-2022017A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM (escalating privilege from ring 0 to ring -2).
7.5
Link
Summary
CVSS Score
INSYDE-SA-2022016SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
8.2
Link
Summary
CVSS Score
INSYDE-SA-2022015SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
7.5
Link
Summary
CVSS Score
INSYDE-SA-2022014SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
7.5
Link
Summary
CVSS Score
INSYDE-SA-2022013SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
8.2
Link
Summary
CVSS Score
INSYDE-SA-2022012SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
7.5
Link
Summary
CVSS Score
INSYDE-SA-2022011SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
7.5
Link
Summary
CVSS Score
INSYDE-SA-2022010SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
8.2
Link
Summary
CVSS Score
INSYDE-SA-2022009SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
7.5
Link
Summary
CVSS Score
INSYDE-SA-2022008SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
8.2
返回主要安全公告頁面