CVE-2024-55567
BaseFortify
Publication date: 2025-06-12
Last updated on: 2025-08-20
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| insyde | insydeh2o | From 5.4 (inc) to 5.4.05.47.01 (exc) |
| insyde | insydeh2o | From 5.5 (inc) to 5.5.05.55.01 (exc) |
| insyde | insydeh2o | From 5.6 (inc) to 5.6.05.62.01 (exc) |
| insyde | insydeh2o | From 5.7 (inc) to 5.7.05.71.01 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper input validation flaw in the UsbCoreDxe component of InsydeH2O firmware's System Management Mode (SMM) module. It allows an attacker with local high privileges to write arbitrary memory inside the System Management RAM (SMRAM) and execute arbitrary code at the SMM privilege level, which is a highly privileged execution environment. [1]
How can this vulnerability impact me? :
The vulnerability can lead to an attacker executing arbitrary code at the SMM level, which can compromise system confidentiality, integrity, and availability. This means an attacker could potentially take full control over the affected system, manipulate sensitive data, disrupt system operations, or install persistent malware. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is related to improper input validation in the UsbCoreDxe component of InsydeH2O firmware affecting System Management Mode (SMM). Detection involves verifying the firmware version of the InsydeH2O kernel on your system to check if it is one of the affected versions prior to the fixed releases (before 05.47.01 for kernel 5.4, 05.55.01 for 5.5, 05.62.01 for 5.6, and 05.71.01 for 5.7). There are no specific network detection commands provided. To detect the vulnerability, you can check the firmware version using system tools or firmware update utilities specific to your hardware. For example, on Windows, you might use commands like "wmic bios get smbiosbiosversion" or check firmware version via vendor-specific tools. On Linux, commands like "dmidecode -t bios" or "fwupdmgr get-devices" may help identify firmware versions. However, no direct commands to detect exploitation or scanning signatures are provided. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the InsydeH2O firmware to a fixed version that addresses this vulnerability. Specifically, upgrade to kernel 5.4 version 05.47.01 or later, kernel 5.5 version 05.55.01 or later, kernel 5.6 version 05.62.01 or later, or kernel 5.7 version 05.71.01 or later. Applying these firmware updates will fix the improper input validation in the UsbCoreDxe component and prevent arbitrary code execution at the SMM level. Additionally, restrict local access to systems with vulnerable firmware to trusted users only, as the attack requires high privileges and local access. [1]