CVE-2023-39281

CRITICAL EPSS 38.3%
Published Nov 1, 20232y ago · Modified Jun 17, 20262w ago
9.8 CVSS 3.1
Critical
Find Similar
Published Nov 1, 2023 2y ago
Last Modified Jun 17, 2026 2w ago

Description

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.

CVSS Details

Base Score
9.8
Exploitability
3.9
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
38.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 2

CWE-121
CWE-787 Out-of-bounds Write Memory Safety

Affected Products 305

VendorProductVersionRange
insydeinsydeh2o05.45.24.0039any
intelb760*any
intelc262*any
intelc266*any
intelcore_i3-1305u*any
intelcore_i3-13100*any
intelcore_i3-13100e*any
intelcore_i3-13100f*any
intelcore_i3-13100t*any
intelcore_i3-13100te*any
intelcore_i3-1315u*any
intelcore_i3-1315ue*any
intelcore_i3-1315ure*any
intelcore_i3-1320pe*any
intelcore_i3-1320pre*any
intelcore_i3-13300he*any
intelcore_i3-13300hre*any
intelcore_i5-1334u*any
intelcore_i5-1335u*any
intelcore_i5-1335ue*any
intelcore_i5-13400*any
intelcore_i5-13400e*any
intelcore_i5-13400f*any
intelcore_i5-13400t*any
intelcore_i5-1340p*any
intelcore_i5-1340pe*any
intelcore_i5-13420h*any
intelcore_i5-13450hx*any
intelcore_i5-1345u*any
intelcore_i5-1345ue*any
intelcore_i5-1345ure*any
intelcore_i5-13500*any
intelcore_i5-13500e*any
intelcore_i5-13500h*any
intelcore_i5-13500hx*any
intelcore_i5-13500t*any
intelcore_i5-13500te*any
intelcore_i5-13505h*any
intelcore_i5-1350p*any
intelcore_i5-1350pe*any
intelcore_i5-1350pre*any
intelcore_i5-13600*any
intelcore_i5-13600h*any
intelcore_i5-13600he*any
intelcore_i5-13600hre*any
intelcore_i5-13600hx*any
intelcore_i5-13600k*any
intelcore_i5-13600kf*any
intelcore_i5-13600t*any
intelcore_i5_14600k*any
intelcore_i5_14600kf*any
intelcore_i7-1355u*any
intelcore_i7-1360p*any
intelcore_i7-13620h*any
intelcore_i7-13650hx*any
intelcore_i7-1365u*any
intelcore_i7-1365ue*any
intelcore_i7-1365ure*any
intelcore_i7-1366ure*any
intelcore_i7-13700*any
intelcore_i7-13700e*any
intelcore_i7-13700f*any
intelcore_i7-13700h*any
intelcore_i7-13700hx*any
intelcore_i7-13700k*any
intelcore_i7-13700kf*any
intelcore_i7-13700t*any
intelcore_i7-13700te*any
intelcore_i7-13705h*any
intelcore_i7-1370p*any
intelcore_i7-1370pe*any
intelcore_i7-1370pre*any
intelcore_i7-1375pre*any
intelcore_i7-13800h*any
intelcore_i7-13800he*any
intelcore_i7-13800hre*any
intelcore_i7-13850hx*any
intelcore_i7_14700k*any
intelcore_i7_14700kf*any
intelcore_i9-13900*any
intelcore_i9-13900e*any
intelcore_i9-13900f*any
intelcore_i9-13900h*any
intelcore_i9-13900hk*any
intelcore_i9-13900hx*any
intelcore_i9-13900k*any
intelcore_i9-13900kf*any
intelcore_i9-13900ks*any
intelcore_i9-13900t*any
intelcore_i9-13900te*any
intelcore_i9-13905h*any
intelcore_i9-13950hx*any
intelcore_i9-13980hx*any
intelcore_i9-14900k*any
intelcore_i9-14900kf*any
intelh770*any
intelhm770*any
intelu300*any
intelu300e*any
intelwm790*any
intelz790*any
insydeinsydeh2o05.44.45.0017any
intelatom_x7211e*any
intelatom_x7213e*any
intelatom_x7425e*any
intelcore_i3-n300*any
intelcore_i3-n305*any
inteln100*any
inteln200*any
inteln50*any
inteln95*any
inteln97*any
insydeinsydeh2o05.44.34.0055any
intelceleron_7300*any
intelceleron_7305*any
intelceleron_g6900*any
intelceleron_g6900t*any
intelcore_i3-12100*any
intelcore_i3-12100f*any
intelcore_i3-12100t*any
intelcore_i3-1210u*any
intelcore_i3-1215u*any
intelcore_i3-1220p*any
intelcore_i3-12300*any
intelcore_i3-12300t*any
intelcore_i5-1230u*any
intelcore_i5-1235u*any
intelcore_i5-12400*any
intelcore_i5-12400f*any
intelcore_i5-12400t*any
intelcore_i5-1240p*any
intelcore_i5-1240u*any
intelcore_i5-12450h*any
intelcore_i5-12450hx*any
intelcore_i5-1245u*any
intelcore_i5-12490f*any
intelcore_i5-12500*any
intelcore_i5-12500h*any
intelcore_i5-12500t*any
intelcore_i5-1250p*any
intelcore_i5-12600*any
intelcore_i5-12600h*any
intelcore_i5-12600hx*any
intelcore_i5-12600k*any
intelcore_i5-12600kf*any
intelcore_i5-12600t*any
intelcore_i7-1250u*any
intelcore_i7-1255u*any
intelcore_i7-1260p*any
intelcore_i7-1260u*any
intelcore_i7-12650h*any
intelcore_i7-12650hx*any
intelcore_i7-1265u*any
intelcore_i7-12700*any
intelcore_i7-12700f*any
intelcore_i7-12700h*any
intelcore_i7-12700k*any
intelcore_i7-12700kf*any
intelcore_i7-12700t*any
intelcore_i7-1270p*any
intelcore_i7-12800h*any
intelcore_i7-12800hx*any
intelcore_i7-1280p*any
intelcore_i7-12850hx*any
intelcore_i9-12900*any
intelcore_i9-12900f*any
intelcore_i9-12900h*any
intelcore_i9-12900hk*any
intelcore_i9-12900hx*any
intelcore_i9-12900k*any
intelcore_i9-12900kf*any
intelcore_i9-12900ks*any
intelcore_i9-12900t*any
intelcore_i9-12950hx*any
intelpentium_8500*any
intelpentium_8505*any
intelpentium_gold_g7400*any
intelpentium_gold_g7400t*any
insydeinsydeh2o05.53.28.0013any
amdryzen_3_7335u*any
amdryzen_3_7440u*any
amdryzen_5_6600h*any
amdryzen_5_6600hs*any
amdryzen_5_6600u*any
amdryzen_5_7535hs*any
amdryzen_5_7535u*any
amdryzen_5_7540u*any
amdryzen_5_7545u*any
amdryzen_5_7640h*any
amdryzen_5_7640u*any
amdryzen_5_pro_7640hs*any
amdryzen_7_6800h*any
amdryzen_7_6800hs*any
amdryzen_7_6800u*any
amdryzen_7_7735hs*any
amdryzen_7_7735u*any
amdryzen_7_7736u*any
amdryzen_7_7840h*any
amdryzen_7_7840u*any
amdryzen_7_pro_7840hs*any
amdryzen_9_6900hs*any
amdryzen_9_6900hx*any
amdryzen_9_6980hs*any
amdryzen_9_6980hx*any
amdryzen_9_7940h*any
amdryzen_9_7940hs*any
amdryzen_9_pro_7940hs*any
amdryzen_z1*any
amdryzen_z1_extreme*any
amdv314*any
amdv3c16*any
amdv3c18*any
amdv3c44*any
amdv3c48*any
insydeinsydeh2o05.45.38.0005any
intelceleron_7305l*any
intelcore_i3-1215ul*any
intelcore_i3-12300hl*any
intelcore_i5-1235ul*any
intelcore_i5-1245ul*any
intelcore_i5-12500hl*any
intelcore_i5-12600hl*any
intelcore_i7-1255ul*any
intelcore_i7-1265ul*any
intelcore_i7-12700hl*any
intelcore_i7-12800hl*any
insydeinsydeh2o05.53.23.0011any
amdryzen_7_7645hx*any
amdryzen_7_7745hx*any
amdryzen_7_7840hx*any
amdryzen_9_7645hx3d*any
amdryzen_9_7845hx*any
amdryzen_9_7940hx*any
amdryzen_9_7945hx*any
insydeinsydeh2o05.53.23.0014any
amdathlon_gold_7220u*any
amdathlon_silver_7120u*any
amdryzen_3_7320u*any
amdryzen_5_7520u*any
insydeinsydeh2o05.53.22.0008any
amdryzen_5_7500f*any
amdryzen_5_7600*any
amdryzen_5_7600x*any
amdryzen_5_pro_7645*any
amdryzen_7_7700*any
amdryzen_7_7700x*any
amdryzen_7_7800x3d*any
amdryzen_7_pro_7745*any
amdryzen_9_7900*any
amdryzen_9_7900x*any
amdryzen_9_7900x3d*any
amdryzen_9_7950x*any
amdryzen_9_7950x3d*any
amdryzen_9_pro_7945*any
insydeinsydeh2o05.44.30.0022any
amdryzen_3_7335u*any
amdryzen_5_6600h*any
amdryzen_5_6600hs*any
amdryzen_5_6600u*any
amdryzen_5_7535hs*any
amdryzen_5_7535u*any
amdryzen_7_6800h*any
amdryzen_7_6800hs*any
amdryzen_7_6800u*any
amdryzen_7_7735hs*any
amdryzen_7_7735u*any
amdryzen_7_7736u*any
amdryzen_9_6900hs*any
amdryzen_9_6900hx*any
amdryzen_9_6980hs*any
amdryzen_9_6980hx*any
insydeinsydeh2o05.43.06.0021any
amdvan_gogh_0405*any
insydeinsydeh2o05.42.37.0031any
amdryzen_3_5100*any
amdryzen_3_5125c*any
amdryzen_3_5300g*any
amdryzen_3_5300ge*any
amdryzen_3_5400u*any
amdryzen_3_5425u*any
amdryzen_3_pro_7330u*any
amdryzen_5_5500*any
amdryzen_5_5500h*any
amdryzen_5_5500u*any
amdryzen_5_5560u*any
amdryzen_5_5600g*any
amdryzen_5_5600ge*any
amdryzen_5_5600h*any
amdryzen_5_5600hs*any
amdryzen_5_5600u*any
amdryzen_5_5625u*any
amdryzen_5_pro_7530u*any
amdryzen_7_5700*any
amdryzen_7_5700g*any
amdryzen_7_5700ge*any
amdryzen_7_5700u*any
amdryzen_7_5800h*any
amdryzen_7_5800hs*any
amdryzen_7_5800u*any
amdryzen_7_5825u*any
amdryzen_7_pro_7730u*any
amdryzen_9_5900hs*any
amdryzen_9_5900hx*any
amdryzen_9_5980hs*any
amdryzen3_5300u*any

References 2

  • insyde.com https://www.insyde.com/security-pledge
    Vendor Advisory
  • insyde.com https://www.insyde.com/security-pledge/SA-2023054
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.