CVE-2024-49200

{"id": "CVE-2024-49200", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.2}]}, "published": "2025-04-15T22:15:15.467", "references": [{"url": "https://www.insyde.com/security-pledge/SA-2024015", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in AcpiS3SaveDxe and ChipsetSvcDxe in Insyde InsydeH2O with kernel 5.2 though 5.7. A potential DXE memory corruption vulnerability has been identified. The root cause is use of a pointer originating from the value of an NVRAM variable as the target of a write operation. This can be leveraged by an attacker to perform arbitrary writes, potentially leading to arbitrary code execution. The issue has been fixed in kernel 5.2, Version 05.29.44; kernel 5.3, Version 05.38.44; kernel 5.4, Version 05.46.44; kernel 5.5, Version 05.54.44; kernel 5.6, Version 05.61.44; and kernel 5.7, Version 05.70.44."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en AcpiS3SaveDxe y ChipsetSvcDxe en Insyde InsydeH2O con las versiones del kernel 5.2 a 5.7. Se identific\u00f3 una posible vulnerabilidad de corrupci\u00f3n de memoria DXE. La causa principal es el uso de un puntero originado en el valor de una variable NVRAM como destino de una operaci\u00f3n de escritura. Un atacante puede aprovechar esto para realizar escrituras arbitrarias, lo que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. El problema se ha corregido en las versiones del kernel 5.2, 05.29.44; 5.3, 05.38.44; 5.4, 05.46.44; 5.5, 05.54.44; 5.6, 05.61.44; y 5.7, 05.70.44."}], "lastModified": "2025-04-30T16:41:11.493", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:kernel:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D6AFE61-A2A4-49DF-A8EE-B2F425DA7A08"}, {"criteria": "cpe:2.3:o:insyde:kernel:5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D21132C0-F2CF-4134-A165-926155031913"}, {"criteria": "cpe:2.3:o:insyde:kernel:5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6549F7F1-A438-4C84-9D66-C89C697E2A9B"}, {"criteria": "cpe:2.3:o:insyde:kernel:5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE339FA1-8572-4365-B420-530D62686C08"}, {"criteria": "cpe:2.3:o:insyde:kernel:5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA8F7DB9-4D61-4628-8371-28D8081BEEE2"}, {"criteria": "cpe:2.3:o:insyde:kernel:5.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACEE46AF-FA70-4283-AACA-B8EDC4B9A872"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}