CNNVD-202507-3756 Information

CNNVD ID

CNNVD-202507-3756

Related CVE

CVE-2025-4421

• CNNVD Published: 2025-07-30

Description (Chinese)

InsydeH2O是中国系微（Insyde）公司的一款可定制固件代码库。 InsydeH2O存在安全漏洞，该漏洞源于SMM模块中的SMM内存损坏。

Description (English)

InsydeH2O is a custom-made hardware code repository for Insyde. There is a security loophole in InsydeH2O, which stems from the SMM memory damage in the SMM module.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

系微

Published

2025-07-30

Last Modified

2026-02-24

References

https://support.lenovo.com/us/en/product_security/home https://www.insyde.com/security-pledge/sa-2025007/

Patch

https://www.insyde.com/security-pledge/sa-2025007/