Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-30633

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers (PCRs) to record information about device and software configuration to ensure that the boot process is secure. (For example, Windows uses these PCR measurements to determine device health.) A vulnerable device can masquerade as a healthy device by extending arbitrary values into Platform Configuration Register (PCR) banks. This requires physical access to a target victim's device, or compromise of user credentials for a device. This issue is similar to CVE-2021-42299 (on Surface Pro devices).

Published

2023-10-19T20:15:08.990

Last Modified

2024-11-21T08:00:33.987

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	insyde	insydeh2o	< 5.3.05.37.17	Yes
Application	insyde	insydeh2o	< 5.4.05.45.17	Yes
Application	insyde	insydeh2o	< 5.5.05.53.17	Yes
Application	insyde	insydeh2o	< 5.6.05.60.17	Yes
Application	insyde	insydeh2o	5.2	Yes

References

https://www.insyde.com/security-pledge Vendor Advisory ([email protected])
https://www.insyde.com/security-pledge/SA-2023045 Vendor Advisory ([email protected])
https://www.insyde.com/security-pledge Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.insyde.com/security-pledge/SA-2023045 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)