CVE-2023-25600 Information

Aug 05, 2023 cve

Description

An issue was discovered in InsydeH2O. A malicious operating system can tamper with a runtime-writable EFI variable leading to out-of-bounds memory reads and a denial of service. This is fixed in version 01.01.04.0016.

Reference

https://www.insyde.com/security-pledge/SA-2023028 https://www.insyde.com/security-pledge

Share on: