{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T02:06:06.308","vulnerabilities":[{"cve":{"id":"CVE-2024-25078","sourceIdentifier":"cve@mitre.org","published":"2024-05-15T14:15:08.250","lastModified":"2025-07-29T20:02:06.667","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, kernel 5.5: IB19130163 in 05.54.07, and kernel 5.6: IB19130163 in 05.61.07 could lead to escalating privileges in SMM."},{"lang":"es","value":"Una vulnerabilidad de corrupción de memoria en StorageSecurityCommandDxe en Insyde InsydeH2O antes del kernel 5.2: IB19130163 en 05.29.07, kernel 5.3: IB19130163 en 05.38.07, kernel 5.4: IB19130163 en 05.46.07, kernel IB191301 63 en 05.54.07 y kernel 5.6: IB19130163 del 61.05.07 podría provocar un aumento de privilegios en SMM."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":0.8,"impactScore":6.0}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-822"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.29.07","matchCriteriaId":"E5C18556-524B-4E5A-A2C1-A0DF8F139B6B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3","versionEndExcluding":"5.38.07","matchCriteriaId":"21FDF4AF-8D94-477A-9CF3-1921AC95F108"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.46.07","matchCriteriaId":"40002193-EEB0-422F-BB1E-8A78707640AB"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.54.07","matchCriteriaId":"759DDEED-775C-45AC-8850-FEC17C7AD322"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6","versionEndExcluding":"5.61.07","matchCriteriaId":"2BB86B48-B2DB-4CE9-A6FF-10081A1D377C"}]}]}],"references":[{"url":"https://www.insyde.com/security-pledge","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.insyde.com/security-pledge/SA-2024001","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.insyde.com/security-pledge","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.insyde.com/security-pledge/SA-2024001","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}