CVE-2023-39283 - OpenCVE

An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Insyde	Insydeh2o

Configuration 1 [-]

OR	cpe:2.3:a:insyde:insydeh2o::::::::
	cpe:2.3:a:insyde:insydeh2o:5.5.05.53.22:::::::*
	cpe:2.3:a:insyde:insydeh2o:5.6:::::::*
	cpe:2.3:a:insyde:insydeh2o:5.6.05.60.22:::::::*

References

Link	Resource
https://www.insyde.com/security-pledge	Not Applicable
https://www.insyde.com/security-pledge/SA-2023055	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-11-02T00:00:00

Updated: 2023-11-02T21:09:36.535225

Reserved: 2023-07-27T00:00:00

Link: CVE-2023-39283

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-02T22:15:09.070

Modified: 2023-11-10T04:12:27.713

Link: CVE-2023-39283

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*", "matchCriteriaId": "D301572D-C5C6-41F1-A5D2-41F07E0FC15D", "versionEndIncluding": "5.5", "versionStartIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:insyde:insydeh2o:5.5.05.53.22:*:*:*:*:*:*:*", "matchCriteriaId": "6EA483CB-E835-40C9-8DE0-6B2DB2A2D736", "vulnerable": true}, {"criteria": "cpe:2.3:a:insyde:insydeh2o:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "2D36B269-1168-4287-8F11-F5DFE8B23A5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:insyde:insydeh2o:5.6.05.60.22:*:*:*:*:*:*:*", "matchCriteriaId": "0ECB2B5B-C312-479F-8BAE-9B98E5DD5CD7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation."}, {"lang": "es", "value": "Una vulnerabilidad de corrupci\u00f3n de memoria SMM en el controlador SMM (SMRAM write) en CsmInt10HookSmm en Insyde InsydeH2O con kernel 5.0 a 5.5 permite a atacantes enviar datos arbitrarios a SMM, lo que podr\u00eda conducir a una escalada de privilegios."}], "id": "CVE-2023-39283", "lastModified": "2023-11-10T04:12:27.713", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-02T22:15:09.070", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://www.insyde.com/security-pledge"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.insyde.com/security-pledge/SA-2023055"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}