Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-35408

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possible arbitrary code execution in SMM and escalation of privileges. An attacker could overwrite the function pointers in the EFI_BOOT_SERVICES table before the USB SMI handler triggers. (This is not exploitable from code running in the operating system.)

Published

2022-09-22T16:15:09.607

Last Modified

2025-05-27T16:15:26.727

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-123

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	insyde	insydeh2o	< 5.17.38	Yes
Application	insyde	insydeh2o	< 05.27.28	Yes
Application	insyde	insydeh2o	< 05.36.28	Yes
Application	insyde	insydeh2o	< 05.44.28	Yes
Application	insyde	insydeh2o	< 05.52.28	Yes
Application	insyde	insydeh2o	< 05.09.38	Yes

References

https://binarly.io/advisories/BRLY-2022-022/index.html Exploit, Third Party Advisory ([email protected])
https://www.insyde.com/security-pledge Vendor Advisory ([email protected])
https://www.insyde.com/security-pledge/SA-2022031 Vendor Advisory ([email protected])
https://binarly.io/advisories/BRLY-2022-022/index.html Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.insyde.com/security-pledge Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.insyde.com/security-pledge/SA-2022031 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)