CVE-2023-22614
CVE-2023-22614
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.8EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
11 abr 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Productos afectados
n/a · n/a