CVE-2023-22615

HIGH Year: 2023
CVSS v3 Score
8.4
High
Weakness Type
CWE-787
View all →

Vulnerability Description

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM.

Related Vulnerabilities

CVE-2020-4587

HIGH
CVSS:8.4(High)

IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking. A local attacker could manipulate CD UNIX to obt...

CWE-7872020

CVE-2021-29073

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8000P before 1.4.1.66, MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110...

CWE-7872021

CVE-2021-29074

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.1...

CWE-7872021

CVE-2021-29075

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.1...

CWE-7872021

CVE-2021-29081

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before...

CWE-7872021

CVE-2021-29672

HIGH
CVSS:8.4(High)

IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. A local attacker co...

CWE-7872021