A vulnerability was found in Insyde InsydeH2O. It has been classified as problematic. Affected is an unknown function of the component IhisiServiceSmm Module. The manipulation leads to Privilege Escalation.
This vulnerability is traded as CVE-2023-28149. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.