{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T12:59:09.899","vulnerabilities":[{"cve":{"id":"CVE-2024-25079","sourceIdentifier":"cve@mitre.org","published":"2024-05-15T15:15:07.930","lastModified":"2025-08-04T14:23:17.420","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A memory corruption vulnerability in HddPassword in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM."},{"lang":"es","value":"Una vulnerabilidad de corrupción de memoria en HddPassword en Insyde InsydeH2O kernel 5.2 anterior al 29.05.09, kernel 5.3 anterior al 38.05.09, kernel 5.4 anterior al 05.46.09, kernel 5.5 anterior al 05.54.09 y kernel 5.6 anterior al 05.61.09 podría llevar a una escalada de privilegios en SMM."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":0.8,"impactScore":6.0}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-763"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.29.09","matchCriteriaId":"5E292E28-0173-467A-9209-4867FE292BCA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3","versionEndExcluding":"5.38.09","matchCriteriaId":"CDC9DB4F-33B9-438A-8E2B-80B891297C54"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.46.09","matchCriteriaId":"A9C75884-65A6-46F5-9889-C3B2685EE00D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.54.09","matchCriteriaId":"9189015D-3A58-41BD-9415-15CC78C25111"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6","versionEndExcluding":"5.61.09","matchCriteriaId":"F66E777E-35C5-4DF1-9842-765DFF78A88F"}]}]}],"references":[{"url":"https://www.insyde.com/security-pledge","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.insyde.com/security-pledge/SA-2024001","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.insyde.com/security-pledge","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.insyde.com/security-pledge/SA-2024001","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}