All the vulnerabilites related to Insyde Software - InsydeH2O
cve-2025-4421
Vulnerability from cvelistv5
Published
2025-07-30 00:39
Modified
2025-07-30 15:24
Severity ?
EPSS score ?
Summary
EfiSmiServices: gEfiSmmCpuProtocol, SMM memory corruption vulnerabilities in SMM module
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4421",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:23:13.418617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T15:24:03.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"lessThan": "L05.05.40.011803.172079",
"status": "affected",
"version": "Feature developed for Lenovo",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "BINARLY REsearch team"
}
],
"datePublic": "2025-07-30T00:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/home\"\u003ehttps://support.lenovo.com/us/en/product_security/home\u003c/a\u003e"
}
],
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u00a0 https://support.lenovo.com/us/en/product_security/home"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T00:39:28.366Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025007/"
},
{
"url": "https://support.lenovo.com/us/en/product_security/home"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "EfiSmiServices: gEfiSmmCpuProtocol, SMM memory corruption vulnerabilities in SMM module",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4421",
"datePublished": "2025-07-30T00:39:28.366Z",
"dateReserved": "2025-05-08T03:44:51.949Z",
"dateUpdated": "2025-07-30T15:24:03.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4424
Vulnerability from cvelistv5
Published
2025-07-30 00:43
Modified
2025-07-30 14:49
Severity ?
EPSS score ?
Summary
SetupAutomationSmm : Arbitrary calls to SmmSetVariable with unsanitised arguments in SMI handler
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4424",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:22:57.190859Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T14:49:46.984Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"lessThan": "L05.05.40.011803.172079",
"status": "affected",
"version": "Feature developed for Lenovo",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "BINARLY REsearch team"
}
],
"datePublic": "2025-07-30T00:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/home\"\u003ehttps://support.lenovo.com/us/en/product_security/home\u003c/a\u003e"
}
],
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u00a0 https://support.lenovo.com/us/en/product_security/home"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T00:43:53.891Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025007/"
},
{
"url": "https://support.lenovo.com/us/en/product_security/home"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SetupAutomationSmm : Arbitrary calls to SmmSetVariable with unsanitised arguments in SMI handler",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4424",
"datePublished": "2025-07-30T00:43:53.891Z",
"dateReserved": "2025-05-08T03:44:58.462Z",
"dateUpdated": "2025-07-30T14:49:46.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4426
Vulnerability from cvelistv5
Published
2025-07-30 00:46
Modified
2025-07-30 13:58
Severity ?
EPSS score ?
Summary
SetupAutomationSmm : SMRAM memory contents leak / information disclosure vulnerability in SMM module
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4426",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:53:39.417776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T13:58:28.482Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"lessThan": "L05.05.40.011803.172079",
"status": "affected",
"version": "Feature developed for Lenovo",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "BINARLY REsearch team"
}
],
"datePublic": "2025-07-30T00:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/home\"\u003ehttps://support.lenovo.com/us/en/product_security/home\u003c/a\u003e"
}
],
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u00a0 https://support.lenovo.com/us/en/product_security/home"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T00:46:27.918Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025007/"
},
{
"url": "https://support.lenovo.com/us/en/product_security/home"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SetupAutomationSmm : SMRAM memory contents leak / information disclosure vulnerability in SMM module",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4426",
"datePublished": "2025-07-30T00:46:27.918Z",
"dateReserved": "2025-05-08T03:45:01.916Z",
"dateUpdated": "2025-07-30T13:58:28.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4423
Vulnerability from cvelistv5
Published
2025-07-30 00:42
Modified
2025-07-30 14:50
Severity ?
EPSS score ?
Summary
SetupAutomationSmm:Vulnerability in the SMM module allow attacker to write arbitrary code and lead to memory corruption
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4423",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:23:02.618163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T14:50:01.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"lessThan": "L05.05.40.011803.172079",
"status": "affected",
"version": "Feature developed for Lenovo",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "BINARLY REsearch team"
}
],
"datePublic": "2025-07-30T00:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/home\"\u003ehttps://support.lenovo.com/us/en/product_security/home\u003c/a\u003e"
}
],
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u00a0 https://support.lenovo.com/us/en/product_security/home"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T00:42:01.874Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025007/"
},
{
"url": "https://support.lenovo.com/us/en/product_security/home"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SetupAutomationSmm:Vulnerability in the SMM module allow attacker to write arbitrary code and lead to memory corruption",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4423",
"datePublished": "2025-07-30T00:42:01.874Z",
"dateReserved": "2025-05-08T03:44:57.075Z",
"dateUpdated": "2025-07-30T14:50:01.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4410
Vulnerability from cvelistv5
Published
2025-08-13 01:49
Modified
2025-08-13 01:49
Severity ?
EPSS score ?
Summary
SetupUtility: A buffer overflow vulnerability leads to arbitrary code execution.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"See in the Solution"
],
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"status": "affected",
"version": "See in the Solution",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-08-13T01:34:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local privileged access can exploit this vulnerability by executeing arbitrary code."
}
],
"value": "A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local privileged access can exploit this vulnerability by executeing arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T01:49:47.629Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025005/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Intel Mobil Platforms:\u003cbr\u003e\u003cbr\u003ePantherLake: Version 05.71.04.0012 \u003cbr\u003eLunarLake: Version 05.62.21.0033\u003cbr\u003eArrowLake H/U: Version 05.55.17.0017\u003cbr\u003eArrowLake S/HX: Version 05.55.17.0028\u003cbr\u003eMeteorLake: Version 05.55.17.0036\u003cbr\u003eRapterLake: Version 05.47.21.0055\u003cbr\u003eTwinLake: Version 05.44.45.0027\u003cbr\u003e\u003cbr\u003eIntel Server/Embedded Platforms:\u003cbr\u003e\u003cbr\u003ePurley: Version 05.21.51.0064\u003cbr\u003eWhitley: Version 05.42.23.0078\u003cbr\u003eCedarIsland: Version 05.42.11.0031\u003cbr\u003eEagle Stream: Version 05.47.31.1049\u003cbr\u003eBirch Stream: Version 05.62.16.0082\u003cbr\u003eMehlow: Version 05.23.04.0054\u003cbr\u003eTatlow: Version 05.42.52.0029\u003cbr\u003eJacobsville: (Not Affected)\u003cbr\u003eHarrisonville: (Not Affected)\u003cbr\u003eIdaville: Version 05.47.21.0067\u003cbr\u003eWhiskeyLake: Version 05.23.45.0032\u003cbr\u003eCometLake-S: Version 05.34.19.0050\u003cbr\u003eTigerLake UP3/H: Version 05.43.12.0062\u003cbr\u003eAlderLake: Version 05.47.21.2055\u003cbr\u003eGemini Lake: (Not Affected)\u003cbr\u003eElkhartLake: Version 05.47.21.0028\u003cbr\u003eAlder Lake N: Version 05.47.21.0013\u003cbr\u003eAmstonLake: Version 05.47.21.0008\u003cbr\u003e"
}
],
"value": "Intel Mobil Platforms:\n\nPantherLake: Version 05.71.04.0012 \nLunarLake: Version 05.62.21.0033\nArrowLake H/U: Version 05.55.17.0017\nArrowLake S/HX: Version 05.55.17.0028\nMeteorLake: Version 05.55.17.0036\nRapterLake: Version 05.47.21.0055\nTwinLake: Version 05.44.45.0027\n\nIntel Server/Embedded Platforms:\n\nPurley: Version 05.21.51.0064\nWhitley: Version 05.42.23.0078\nCedarIsland: Version 05.42.11.0031\nEagle Stream: Version 05.47.31.1049\nBirch Stream: Version 05.62.16.0082\nMehlow: Version 05.23.04.0054\nTatlow: Version 05.42.52.0029\nJacobsville: (Not Affected)\nHarrisonville: (Not Affected)\nIdaville: Version 05.47.21.0067\nWhiskeyLake: Version 05.23.45.0032\nCometLake-S: Version 05.34.19.0050\nTigerLake UP3/H: Version 05.43.12.0062\nAlderLake: Version 05.47.21.2055\nGemini Lake: (Not Affected)\nElkhartLake: Version 05.47.21.0028\nAlder Lake N: Version 05.47.21.0013\nAmstonLake: Version 05.47.21.0008"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SetupUtility: A buffer overflow vulnerability leads to arbitrary code execution.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4410",
"datePublished": "2025-08-13T01:49:47.629Z",
"dateReserved": "2025-05-07T06:45:13.610Z",
"dateUpdated": "2025-08-13T01:49:47.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4425
Vulnerability from cvelistv5
Published
2025-07-30 00:45
Modified
2025-07-30 14:00
Severity ?
EPSS score ?
Summary
SetupAutomationSmm: Stack overflow vulnerability in SMI handler
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4425",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:59:54.430045Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T14:00:56.269Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"lessThan": "L05.05.40.011803.172079",
"status": "affected",
"version": "Feature developed for Lenovo",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "BINARLY REsearch team"
}
],
"datePublic": "2025-07-30T00:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/home\"\u003ehttps://support.lenovo.com/us/en/product_security/home\u003c/a\u003e"
}
],
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u00a0 https://support.lenovo.com/us/en/product_security/home"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T00:45:32.592Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025007/"
},
{
"url": "https://support.lenovo.com/us/en/product_security/home"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SetupAutomationSmm: Stack overflow vulnerability in SMI handler",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4425",
"datePublished": "2025-07-30T00:45:32.592Z",
"dateReserved": "2025-05-08T03:45:00.211Z",
"dateUpdated": "2025-07-30T14:00:56.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4422
Vulnerability from cvelistv5
Published
2025-07-30 00:40
Modified
2025-07-30 14:50
Severity ?
EPSS score ?
Summary
EfiSmiServices : EfiPcdProtocol, SMM memory corruption vulnerabilities in SMM module
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4422",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:23:08.065387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T14:50:12.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"lessThan": "L05.05.40.011803.172079",
"status": "affected",
"version": "Feature developed for Lenovo",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "BINARLY REsearch team"
}
],
"datePublic": "2025-07-30T00:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/home\"\u003ehttps://support.lenovo.com/us/en/product_security/home\u003c/a\u003e"
}
],
"value": "The vulnerability was identified in the code developed specifically for Lenovo. Please visit \"Lenovo Product Security Advisories and Announcements\" webpage for more information about the vulnerability.\u00a0 https://support.lenovo.com/us/en/product_security/home"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T00:40:47.816Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025007/"
},
{
"url": "https://support.lenovo.com/us/en/product_security/home"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "EfiSmiServices : EfiPcdProtocol, SMM memory corruption vulnerabilities in SMM module",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4422",
"datePublished": "2025-07-30T00:40:47.816Z",
"dateReserved": "2025-05-08T03:44:55.188Z",
"dateUpdated": "2025-07-30T14:50:12.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4277
Vulnerability from cvelistv5
Published
2025-08-13 01:46
Modified
2025-08-13 01:46
Severity ?
EPSS score ?
Summary
Tcg2Smm: improper input validation may lead to arbitrary code execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"lessThan": "05.2A.21",
"status": "affected",
"version": "Kernel 5.2",
"versionType": "custom"
},
{
"lessThan": "05.39.21",
"status": "unaffected",
"version": "Kernel 5.3",
"versionType": "custom"
},
{
"lessThan": "05.47.21",
"status": "affected",
"version": "Kernel 5.4",
"versionType": "custom"
},
{
"lessThan": "05.55.21",
"status": "affected",
"version": "Kernel 5.5",
"versionType": "custom"
},
{
"lessThan": "05.62.21",
"status": "affected",
"version": "Kernel 5.6",
"versionType": "custom"
},
{
"lessThan": "05.71.21",
"status": "affected",
"version": "Kernel 5.7",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-08-13T01:34:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level."
}
],
"value": "Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T01:46:22.998Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025005/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Kernel 5.2, Version 05.2A.21\u003cbr\u003eKernel 5.3, Version 05.39.21\u003cbr\u003eKernel 5.4, Version 05.47.21\u003cbr\u003eKernel 5.5, Version 05.55.21\u003cbr\u003eKernel 5.6, Version 05.62.21\u003cbr\u003eKernel 5.7, Version 05.71.21\u003cbr\u003e"
}
],
"value": "Kernel 5.2, Version 05.2A.21\nKernel 5.3, Version 05.39.21\nKernel 5.4, Version 05.47.21\nKernel 5.5, Version 05.55.21\nKernel 5.6, Version 05.62.21\nKernel 5.7, Version 05.71.21"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Tcg2Smm: improper input validation may lead to arbitrary code execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4277",
"datePublished": "2025-08-13T01:46:22.998Z",
"dateReserved": "2025-05-05T02:10:48.657Z",
"dateUpdated": "2025-08-13T01:46:22.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4276
Vulnerability from cvelistv5
Published
2025-08-13 01:41
Modified
2025-08-13 01:41
Severity ?
EPSS score ?
Summary
UsbCoreDxe: improper input validation may lead to arbitrary code execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"lessThan": "05.39.18",
"status": "affected",
"version": "Kernel 5.3",
"versionType": "custom"
},
{
"lessThan": "05.47.18",
"status": "unaffected",
"version": "Kernel 5.4",
"versionType": "custom"
},
{
"lessThan": "05.55.18",
"status": "affected",
"version": "Kernel 5.5",
"versionType": "custom"
},
{
"lessThan": "05.62.18",
"status": "affected",
"version": "Kernel 5.6",
"versionType": "custom"
},
{
"lessThan": "05.71.18",
"status": "affected",
"version": "Kernel 5.7",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-08-13T01:34:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level."
}
],
"value": "UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T01:41:56.834Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025005/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Kernel 5.3 : Version Tag 05.39.18 \u003cbr\u003eKernel 5.4 : Version Tag 05.47.18 \u003cbr\u003eKernel 5.5 : Version Tag 05.55.18 \u003cbr\u003eKernel 5.6 : Version Tag 05.62.18 \u003cbr\u003eKernel 5.7 : Version Tag 05.71.18\u003cbr\u003e"
}
],
"value": "Kernel 5.3 : Version Tag 05.39.18 \nKernel 5.4 : Version Tag 05.47.18 \nKernel 5.5 : Version Tag 05.55.18 \nKernel 5.6 : Version Tag 05.62.18 \nKernel 5.7 : Version Tag 05.71.18"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "UsbCoreDxe: improper input validation may lead to arbitrary code execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4276",
"datePublished": "2025-08-13T01:41:56.834Z",
"dateReserved": "2025-05-05T02:10:43.371Z",
"dateUpdated": "2025-08-13T01:41:56.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4275
Vulnerability from cvelistv5
Published
2025-06-11 00:25
Modified
2025-07-30 13:30
Severity ?
EPSS score ?
Summary
SecureFlashDxe: Incorrect UEFI variable attributes check allows usage of invalid certificate
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Insyde Software | InsydeH2O |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-06-11T01:32:11.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/211341"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T13:38:13.231273Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T13:30:23.397Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"kernel 5.2",
"kernel 5.3",
"kernel 5.4",
"kernel 5.5",
"kernel 5.6",
"kernel 5.7"
],
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"lessThan": "05.2A.16",
"status": "affected",
"version": "Kernel 5.2",
"versionType": "Tag"
},
{
"lessThan": "05.39.16",
"status": "affected",
"version": "Kernel 5.3",
"versionType": "Tag"
},
{
"lessThan": "05.47.16",
"status": "affected",
"version": "Kernel 5.4",
"versionType": "Tag"
},
{
"lessThan": "05.55.16",
"status": "affected",
"version": "Kernel 5.5",
"versionType": "Tag"
},
{
"lessThan": "05.62.16",
"status": "affected",
"version": "Kernel 5.6",
"versionType": "Tag"
},
{
"lessThan": "05.71.16",
"status": "affected",
"version": "Kernel 5.7",
"versionType": "Tag"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Thanks to Nikolaj Schlej, independent firmware security researcher, for reporting the vulnerability and engaging in this coordinated disclosure."
}
],
"datePublic": "2025-06-10T00:18:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(235, 235, 235);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. An attacker may to execute arbitrary signed UEFI code and bypass Secure Boot.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. An attacker may to execute arbitrary signed UEFI code and bypass Secure Boot."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-284: Improper Access Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T07:10:29.854Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025002/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ekernel 5.2, Version 05.2A.16\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ekernel 5.3, Version 05.39.16\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ekernel 5.4, Version 05.47.16\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ekernel 5.5, Version 05.55.16\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ekernel 5.6, Version 05.62.16\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ekernel 5.7, Version 05.71.16\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "kernel 5.2, Version 05.2A.16\nkernel 5.3, Version 05.39.16\nkernel 5.4, Version 05.47.16\nkernel 5.5, Version 05.55.16\nkernel 5.6, Version 05.62.16\nkernel 5.7, Version 05.71.16"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SecureFlashDxe: Incorrect UEFI variable attributes check allows usage of invalid certificate",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-4275",
"datePublished": "2025-06-11T00:25:17.737Z",
"dateReserved": "2025-05-05T01:59:27.834Z",
"dateUpdated": "2025-07-30T13:30:23.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}