Today > 1 Critical | 5 High | 20 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-25078

May 15, 2024, 4:40 p.m.

Product(s) Impacted

Insyde InsydeH2O

  • < 05.29.07
  • < 05.38.07
  • < 05.46.07
  • < 05.54.07
  • < 05.61.07

InsydeH2O BIOS

  • before kernel 5.2
  • 05.29.07, 05.38.07, 05.46.07, 05.54.07, 05.61.07

Description

A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, kernel 5.5: IB19130163 in 05.54.07, and kernel 5.6: IB19130163 in 05.61.07 could lead to escalating privileges in SMM.

Weaknesses

Date

Published: May 15, 2024, 2:15 p.m.

Last Modified: May 15, 2024, 4:40 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References