OpenCVE

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the first, then the buffer will be overwritten. This issue affects the SetupUtility driver of InsydeH2O.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Insyde	Kernel

Configuration 1 [-]

cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.insyde.com/security-pledge
https://www.insyde.com/security-pledge/SA-2022040

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-11-22T00:00:00

Updated: 2024-08-03T09:36:43.358Z

Reserved: 2022-07-08T00:00:00

Link: CVE-2022-35407

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-11-22T02:15:09.120

Modified: 2024-11-21T07:11:06.883

Link: CVE-2022-35407

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC5100FC-51F0-48D6-A4F0-782F1281DBF3", "versionEndIncluding": "5.5", "versionStartIncluding": "5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the first, then the buffer will be overwritten. This issue affects the SetupUtility driver of InsydeH2O."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Insyde InsydeH2O con los kernels 5.0 a 5.5. Un desbordamiento del b\u00fafer conduce a la ejecuci\u00f3n de c\u00f3digo arbitrario en el controlador SetupUtility en plataformas Intel. Un atacante puede cambiar los valores de ciertas variables UEFI. Si el tama\u00f1o de la segunda variable excede el tama\u00f1o de la primera, se sobrescribir\u00e1 el b\u00fafer. Este problema afecta al controlador SetupUtility de InsydeH2O."}], "id": "CVE-2022-35407", "lastModified": "2024-11-21T07:11:06.883", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-22T02:15:09.120", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.insyde.com/security-pledge"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.insyde.com/security-pledge/SA-2022040"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.insyde.com/security-pledge"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.insyde.com/security-pledge/SA-2022040"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}