Vulnerabilities > CVE-2023-39281 - Out-of-bounds Write vulnerability in Insyde Insydeh2O

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

insyde

CWE-787

critical

NVD

Published: 2023-11-01

Updated: 2023-11-09

Summary

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.

Vulnerable Configurations

Part	Description	Count
Application	Insyde Insyde Insydeh2O 05.45.24.0039 Insyde Insydeh2O 05.44.45.0017 Insyde Insydeh2O 05.44.34.0055 Insyde Insydeh2O 05.53.28.0013 Insyde Insydeh2O 05.45.38.0005 Insyde Insydeh2O 05.53.23.0011 Insyde Insydeh2O 05.53.23.0014 Insyde Insydeh2O 05.53.22.0008 Insyde Insydeh2O 05.44.30.0022 Insyde Insydeh2O 05.43.06.0021 Insyde Insydeh2O 05.42.37.0031	11
Hardware	Intel Intel B760 - Intel C262 - Intel C266 - Intel Core I3 1305U - Intel Core I3 13100 - Intel Core I3 13100E - Intel Core I3 13100F - Intel Core I3 13100T - Intel Core I3 13100Te - Intel Core I3 1315U - Intel Core I3 1315Ue - Intel Core I3 1315Ure - Intel Core I3 1320Pe - Intel Core I3 1320Pre - Intel Core I3 13300He - Intel Core I3 13300Hre - Intel Core I5 1334U - Intel Core I5 1335U - Intel Core I5 1335Ue - Intel Core I5 13400 - Intel Core I5 13400E - Intel Core I5 13400F - Intel Core I5 13400T - Intel Core I5 1340P - Intel Core I5 1340Pe - Intel Core I5 13420H - Intel Core I5 13450Hx - Intel Core I5 1345U - Intel Core I5 1345Ue - Intel Core I5 1345Ure - Intel Core I5 13500 - Intel Core I5 13500E - Intel Core I5 13500H - Intel Core I5 13500Hx - Intel Core I5 13500T - Intel Core I5 13500Te - Intel Core I5 13505H - Intel Core I5 1350P - Intel Core I5 1350Pe - Intel Core I5 1350Pre - Intel Core I5 13600 - Intel Core I5 13600H - Intel Core I5 13600He - Intel Core I5 13600Hre - Intel Core I5 13600Hx - Intel Core I5 13600K - Intel Core I5 13600Kf - Intel Core I5 13600T - Intel Core I5 14600K - Intel Core I5 14600Kf - Intel Core I7 1355U - Intel Core I7 1360P - Intel Core I7 13620H - Intel Core I7 13650Hx - Intel Core I7 1365U - Intel Core I7 1365Ue - Intel Core I7 1365Ure - Intel Core I7 1366Ure - Intel Core I7 13700 - Intel Core I7 13700E - Intel Core I7 13700F - Intel Core I7 13700H - Intel Core I7 13700Hx - Intel Core I7 13700K - Intel Core I7 13700Kf - Intel Core I7 13700T - Intel Core I7 13700Te - Intel Core I7 13705H - Intel Core I7 1370P - Intel Core I7 1370Pe - Intel Core I7 1370Pre - Intel Core I7 1375Pre - Intel Core I7 13800H - Intel Core I7 13800He - Intel Core I7 13800Hre - Intel Core I7 13850Hx - Intel Core I7 14700K - Intel Core I7 14700Kf - Intel Core I9 13900 - Intel Core I9 13900E - Intel Core I9 13900F - Intel Core I9 13900H - Intel Core I9 13900Hk - Intel Core I9 13900Hx - Intel Core I9 13900K - Intel Core I9 13900Kf - Intel Core I9 13900Ks - Intel Core I9 13900T - Intel Core I9 13900Te - Intel Core I9 13905H - Intel Core I9 13950Hx - Intel Core I9 13980Hx - Intel Core I9 14900K - Intel Core I9 14900Kf - Intel H770 - Intel Hm770 - Intel U300 - Intel U300E - Intel Wm790 - Intel Z790 - Intel Atom X7211E - Intel Atom X7213E - Intel Atom X7425E - Intel Core I3 N300 - Intel Core I3 N305 - Intel N100 - Intel N200 - Intel N50 - Intel N95 - Intel N97 - Intel Celeron 7300 - Intel Celeron 7305 - Intel Celeron G6900 - Intel Celeron G6900T - Intel Core I3 12100 - Intel Core I3 12100F - Intel Core I3 12100T - Intel Core I3 1210U - Intel Core I3 1215U - Intel Core I3 1220P - Intel Core I3 12300 - Intel Core I3 12300T - Intel Core I5 1230U - Intel Core I5 1235U - Intel Core I5 12400 - Intel Core I5 12400F - Intel Core I5 12400T - Intel Core I5 1240P - Intel Core I5 1240U - Intel Core I5 12450H - Intel Core I5 12450Hx - Intel Core I5 1245U - Intel Core I5 12490F - Intel Core I5 12500 - Intel Core I5 12500H - Intel Core I5 12500T - Intel Core I5 1250P - Intel Core I5 12600 - Intel Core I5 12600H - Intel Core I5 12600Hx - Intel Core I5 12600K - Intel Core I5 12600Kf - Intel Core I5 12600T - Intel Core I7 1250U - Intel Core I7 1255U - Intel Core I7 1260P - Intel Core I7 1260U - Intel Core I7 12650H - Intel Core I7 12650Hx - Intel Core I7 1265U - Intel Core I7 12700 - Intel Core I7 12700F - Intel Core I7 12700H - Intel Core I7 12700K - Intel Core I7 12700Kf - Intel Core I7 12700T - Intel Core I7 1270P - Intel Core I7 12800H - Intel Core I7 12800Hx - Intel Core I7 1280P - Intel Core I7 12850Hx - Intel Core I9 12900 - Intel Core I9 12900F - Intel Core I9 12900H - Intel Core I9 12900Hk - Intel Core I9 12900Hx - Intel Core I9 12900K - Intel Core I9 12900Kf - Intel Core I9 12900Ks - Intel Core I9 12900T - Intel Core I9 12950Hx - Intel Pentium 8500 - Intel Pentium 8505 - Intel Pentium Gold G7400 - Intel Pentium Gold G7400T - Intel Celeron 7305L - Intel Core I3 1215Ul - Intel Core I3 12300Hl - Intel Core I5 1235Ul - Intel Core I5 1245Ul - Intel Core I5 12500Hl - Intel Core I5 12600Hl - Intel Core I7 1255Ul - Intel Core I7 1265Ul - Intel Core I7 12700Hl - Intel Core I7 12800Hl -	186
Hardware	Amd AMD Ryzen 3 7335U - AMD Ryzen 3 7440U - AMD Ryzen 5 6600H - AMD Ryzen 5 6600Hs - AMD Ryzen 5 6600U - AMD Ryzen 5 7535Hs - AMD Ryzen 5 7535U - AMD Ryzen 5 7540U - AMD Ryzen 5 7545U - AMD Ryzen 5 7640H - AMD Ryzen 5 7640U - AMD Ryzen 5 PRO 7640Hs - AMD Ryzen 7 6800H - AMD Ryzen 7 6800Hs - AMD Ryzen 7 6800U - AMD Ryzen 7 7735Hs - AMD Ryzen 7 7735U - AMD Ryzen 7 7736U - AMD Ryzen 7 7840H - AMD Ryzen 7 7840U - AMD Ryzen 7 PRO 7840Hs - AMD Ryzen 9 6900Hs - AMD Ryzen 9 6900Hx - AMD Ryzen 9 6980Hs - AMD Ryzen 9 6980Hx - AMD Ryzen 9 7940H - AMD Ryzen 9 7940Hs - AMD Ryzen 9 PRO 7940Hs - AMD Ryzen Z1 - AMD Ryzen Z1 Extreme - AMD V314 - AMD V3C16 - AMD V3C18 - AMD V3C44 - AMD V3C48 - AMD Ryzen 7 7645Hx - AMD Ryzen 7 7745Hx - AMD Ryzen 7 7840Hx - AMD Ryzen 9 7645Hx3D - AMD Ryzen 9 7845Hx - AMD Ryzen 9 7940Hx - AMD Ryzen 9 7945Hx - AMD Athlon Gold 7220U - AMD Athlon Silver 7120U - AMD Ryzen 3 7320U - AMD Ryzen 5 7520U - AMD Ryzen 5 7500F - AMD Ryzen 5 7600 - AMD Ryzen 5 7600X - AMD Ryzen 5 PRO 7645 - AMD Ryzen 7 7700 - AMD Ryzen 7 7700X - AMD Ryzen 7 7800X3D - AMD Ryzen 7 PRO 7745 - AMD Ryzen 9 7900 - AMD Ryzen 9 7900X - AMD Ryzen 9 7900X3D - AMD Ryzen 9 7950X - AMD Ryzen 9 7950X3D - AMD Ryzen 9 PRO 7945 - AMD VAN Gogh 0405 - AMD Ryzen 3 5100 - AMD Ryzen 3 5125C - AMD Ryzen 3 5300G - AMD Ryzen 3 5300Ge - AMD Ryzen 3 5400U - AMD Ryzen 3 5425U - AMD Ryzen 3 PRO 7330U - AMD Ryzen 5 5500 - AMD Ryzen 5 5500H - AMD Ryzen 5 5500U - AMD Ryzen 5 5560U - AMD Ryzen 5 5600G - AMD Ryzen 5 5600Ge - AMD Ryzen 5 5600H - AMD Ryzen 5 5600Hs - AMD Ryzen 5 5600U - AMD Ryzen 5 5625U - AMD Ryzen 5 PRO 7530U - AMD Ryzen 7 5700 - AMD Ryzen 7 5700G - AMD Ryzen 7 5700Ge - AMD Ryzen 7 5700U - AMD Ryzen 7 5800H - AMD Ryzen 7 5800Hs - AMD Ryzen 7 5800U - AMD Ryzen 7 5825U - AMD Ryzen 7 PRO 7730U - AMD Ryzen 9 5900Hs - AMD Ryzen 9 5900Hx - AMD Ryzen 9 5980Hs - AMD Ryzen3 5300U -	92

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References