CVE-2024-25078 | Insyde InsydeH2O StorageSecurityCommandDxe memory corruption

Posted by Angelo Barbosa | May 15, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Insyde InsydeH2O. Affected by this issue is some unknown functionality of the component StorageSecurityCommandDxe. The manipulation leads to memory corruption.

This vulnerability is handled as CVE-2024-25078. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-25078 | Insyde InsydeH2O StorageSecurityCommandDxe memory corruption

Related Posts

CVE-2023-43608 | Buildroot 2023.08.1/622698d7847 code download (TALOS-2023-1845)

CVE-2024-34476 | Open5GS up to 2.7.0 security.c ogs_nas_encrypt len assertion

CVE-2024-39291 | Linux Kernel up to 6.6.32/6.9.3 amdgpu cp_compute_microcode buffer overflow (19bd9537b6bc/f1b6a016dfa4/acce6479e30f)

CVE-2024-0511 | Royal Elementor Addons and Templates Plugin up to 1.3.87 on WordPress wpr_update_form_action_meta cross-site request forgery