Insydeh2o
This hub aggregates every CVE we track for Insydeh2o, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
79
CVEs tracked
2
Critical
62
High
0
In CISA KEV
Severity distribution
HIGH62MEDIUM15CRITICAL2
Monthly trend
1
0
0
0
0
0
0
0
0
1
3
2
6
3
0
0
0
1
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Insydeh2o.
- CVE-2025-10451H19Int15CallbackSmm: SMM memory corruption vulnerability in combined DXE/SMM (SMRAM write)8.2
- CVE-2025-4410SetupUtility: A buffer overflow vulnerability leads to arbitrary code execution.7.5
- CVE-2025-4277Tcg2Smm: improper input validation may lead to arbitrary code execution7.5
- CVE-2025-4276UsbCoreDxe: improper input validation may lead to arbitrary code execution7.5
- CVE-2025-4426SetupAutomationSmm : SMRAM memory contents leak / information disclosure vulnerability in SMM module6.0
- CVE-2025-4425SetupAutomationSmm: Stack overflow vulnerability in SMI handler8.2
- CVE-2025-4424SetupAutomationSmm : Arbitrary calls to SmmSetVariable with unsanitised arguments in SMI handler6.0
- CVE-2025-4423SetupAutomationSmm:Vulnerability in the SMM module allow attacker to write arbitrary code and lead to memory corruption8.2
- CVE-2025-4422EfiSmiServices : EfiPcdProtocol, SMM memory corruption vulnerabilities in SMM module8.2
- CVE-2025-4421EfiSmiServices: gEfiSmmCpuProtocol, SMM memory corruption vulnerabilities in SMM module8.2
- CVE-2024-55567Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM c...7.5
- CVE-2025-4275SecureFlashDxe: Incorrect UEFI variable attributes check allows usage of invalid certificate7.8
- CVE-2024-52877An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5....7.5
- CVE-2024-52878An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5....7.5
- CVE-2024-52879An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5....7.5
Product normalization is registry-driven with AI assist and human review. How it works