OpenCVE

An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Insyde	Insydeh2o

Configuration 1 [-]

OR	cpe:2.3:a:insyde:insydeh2o::::::::
	cpe:2.3:a:insyde:insydeh2o:5.5.05.53.22:::::::*
	cpe:2.3:a:insyde:insydeh2o:5.6:::::::*
	cpe:2.3:a:insyde:insydeh2o:5.6.05.60.22:::::::*

No data.

References

Link	Providers
https://www.insyde.com/security-pledge
https://www.insyde.com/security-pledge/SA-2023055

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-11-02T00:00:00

Updated: 2024-09-05T15:24:35.544Z

Reserved: 2023-07-27T00:00:00

Link: CVE-2023-39283

Vulnrichment

Updated: 2024-08-02T18:02:06.868Z

NVD

Status : Modified

Published: 2023-11-02T22:15:09.070

Modified: 2024-11-21T08:15:03.690

Link: CVE-2023-39283

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "matchCriteriaId": "D301572D-C5C6-41F1-A5D2-41F07E0FC15D", "versionEndIncluding": "5.5", "versionStartIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:insyde:insydeh2o:5.5.05.53.22:*:*:*:*:*:*:*", "matchCriteriaId": "6EA483CB-E835-40C9-8DE0-6B2DB2A2D736", "vulnerable": true}, {"criteria": "cpe:2.3:a:insyde:insydeh2o:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "2D36B269-1168-4287-8F11-F5DFE8B23A5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:insyde:insydeh2o:5.6.05.60.22:*:*:*:*:*:*:*", "matchCriteriaId": "0ECB2B5B-C312-479F-8BAE-9B98E5DD5CD7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation."}, {"lang": "es", "value": "Una vulnerabilidad de corrupci\u00f3n de memoria SMM en el controlador SMM (SMRAM write) en CsmInt10HookSmm en Insyde InsydeH2O con kernel 5.0 a 5.5 permite a atacantes enviar datos arbitrarios a SMM, lo que podr\u00eda conducir a una escalada de privilegios."}], "id": "CVE-2023-39283", "lastModified": "2024-11-21T08:15:03.690", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-02T22:15:09.070", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://www.insyde.com/security-pledge"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.insyde.com/security-pledge/SA-2023055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "https://www.insyde.com/security-pledge"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.insyde.com/security-pledge/SA-2023055"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}