Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.02~5.28, 100.00.00.00~100.00.08.23 and 200.00.00.01~200.00.00.05, H2OOAE before version 200.00.00.02, H2OSDE before version 200.00.00.07, H2OUVE before version 200.00.02.02, H2OPCM before version 100.00.06.00, H2OELV before version 100.00.02.08.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Insyde产品访问控制错误漏洞
Vulnerability Description
Insyde H2OFFT等都是中国台湾系微(Insyde)公司的一套用于BIOS固件开发的工具。 多款Insyde软件工具存在访问控制错误漏洞。以下产品及版本受到影响:H2OFFT 3.02版本至5.28版本,100.00.00.00版本至100.00.08.23版本,200.00.00.01版本至200.00.00.05版本;H2OOAE 200.00.00.02之前版本;H2OSDE 200.00.00.07之前版本;H2OUVE 200.00.02.02之前版本;H2OPCM 100.00.06.
CVSS Information
N/A
Vulnerability Type
N/A