CVE-2023-27471

Published: Aug 18, 2023

Modified: Oct 7, 2024

PUBLISHED

Description

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. Exploitation of this vulnerability could potentially lead to denial of service for the platform.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.insyde.com/security-pledge/SA-2023036

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-27471

Description

Affected Products

References