Metrics
Affected Vendors & Products
Source | ID | Title |
---|---|---|
![]() |
EUVD-2025-24533 | UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level. |
Solution
Kernel 5.3 : Version Tag 05.39.18 Kernel 5.4 : Version Tag 05.47.18 Kernel 5.5 : Version Tag 05.55.18 Kernel 5.6 : Version Tag 05.62.18 Kernel 5.7 : Version Tag 05.71.18
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.insyde.com/security-pledge/sa-2025005/ |
![]() ![]() |
Thu, 14 Aug 2025 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Insyde
Insyde insydeh2o |
|
Vendors & Products |
Insyde
Insyde insydeh2o |
Wed, 13 Aug 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 13 Aug 2025 02:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level. | |
Title | UsbCoreDxe: improper input validation may lead to arbitrary code execution | |
Weaknesses | CWE-20 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: Insyde
Published:
Updated: 2025-08-14T05:54:07.744Z
Reserved: 2025-05-05T02:10:43.371Z
Link: CVE-2025-4276

Updated: 2025-08-13T13:22:23.276Z

Status : Awaiting Analysis
Published: 2025-08-13T02:15:25.723
Modified: 2025-08-13T17:33:46.673
Link: CVE-2025-4276

No data.

Updated: 2025-08-13T21:47:06Z