CVE-2022-35893

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

CVSS v3 8.2 HIGH

8.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.5 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://binarly.io/advisories/BRLY-2022-026/index.html	Third Party Advisory
https://www.insyde.com/security-pledge	Vendor Advisory
https://www.insyde.com/security-pledge/SA-2022035	Vendor Advisory
https://binarly.io/advisories/BRLY-2022-026/index.html	Third Party Advisory
https://www.insyde.com/security-pledge	Vendor Advisory
https://www.insyde.com/security-pledge/SA-2022035	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Configuration 6 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-09-23 19:15

Updated : 2024-11-21 07:11

NVD link : CVE-2022-35893

Mitre link : CVE-2022-35893

CVE.ORG link : CVE-2022-35893

JSON object : View

Products Affected

insyde

insydeh2o

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2022-35893", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.5}]}, "published": "2022-09-23T19:15:14.207", "references": [{"url": "https://binarly.io/advisories/BRLY-2022-026/index.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.insyde.com/security-pledge", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.insyde.com/security-pledge/SA-2022035", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://binarly.io/advisories/BRLY-2022-026/index.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.insyde.com/security-pledge", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.insyde.com/security-pledge/SA-2022035", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM."}, {"lang": "es", "value": "Se ha detectado un problema en Insyde InsydeH2O con el kernel versiones 5.0 hasta 5.5. Una vulnerabilidad de corrupci\u00f3n de memoria SMM en el controlador FvbServicesRuntimeDxe permite a un atacante escribir datos fijos o predecibles en la SMRAM. Una explotaci\u00f3n de este problema podr\u00eda conllevar a una escalada de privilegios en SMM.\n"}], "lastModified": "2024-11-21T07:11:53.580", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E2D2426-1E28-46F4-A04E-A83A3DBD01AC", "versionEndExcluding": "05.09.37", "versionStartIncluding": "5.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9D00C0C-C730-47ED-B561-1433BB640780", "versionEndExcluding": "05.17.37", "versionStartIncluding": "5.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8D0A7D7-5775-4B3A-B998-37EF7FB4B8D6", "versionEndExcluding": "05.27.29", "versionStartIncluding": "5.2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5FECD45-7167-4312-B2ED-36D309A8C5EC", "versionEndExcluding": "05.36.29", "versionStartIncluding": "5.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98809678-EA92-4A53-82B7-34A4504EF1C7", "versionEndExcluding": "05.44.29", "versionStartIncluding": "5.4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53B89A38-CB9D-44BE-8693-80957205AF31", "versionEndExcluding": "05.52.29", "versionStartIncluding": "5.5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}