Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Insyde InsydeH2O 输入验证错误漏洞
Vulnerability Description
Insyde InsydeH2O是中国台湾系微(Insyde)公司的一个 C 语言源,它实现了新技术“EFI/UEFI”规范,旨在取代传统的 BIOS(基本输入/输出系统)。 Insyde InsydeH2O kernel 5.0至5.5版本存在安全漏洞,该漏洞源于其FvbServicesRuntimeDxe驱动程序出现SMM内存损坏问题允许攻击者将固定或可预测的数据写入SMRAM。利用这个缺陷可能导致将权限升级到SMM。
CVSS Information
N/A
Vulnerability Type
N/A