InsydeH2O up to 05.15.10/05.25.10/05.34.10/05.42.10 SMI SdLegacySmm CommBuffer input validation

A vulnerability was found in InsydeH2O up to 05.15.10/05.25.10/05.34.10/05.42.10. It has been rated as critical. Affected by this issue is the function SdLegacySmm of the component SMI Handler. Upgrading to version 05.15.11, 05.25.11, 05.34.11 or 05.42.11 eliminates this vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-32306 : TIME TRACKER UP TO 1.22.13.5791 REPORTS.PHP SQL INJECTION

CVE-2023-32306 : TIME TRACKER UP TO 1.22.13.5791 REPORTS.PHP SQL INJECTION

Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running

CVE-2023-1834 : ROCKWELL AUTOMATION KINETIX 5500 7.13 TELNET/FTP ACCESS CONTROL

CVE-2023-1834 : ROCKWELL AUTOMATION KINETIX 5500 7.13 TELNET/FTP ACCESS CONTROL

Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running

CVE-2023-2645 : USR USR-G806 1.0.41 WEB MANAGEMENT PAGE USERNAME/PASSWORD HARD-CODED PASSWORD

CVE-2023-2645 : USR USR-G806 1.0.41 WEB MANAGEMENT PAGE USERNAME/PASSWORD HARD-CODED PASSWORD

Description A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of