CVE-2019-12532
N/A
N/A
Summary
Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.025.28, 100.00.00.00100.00.08.23 and 200.00.00.01~200.00.00.05, H2OOAE before version 200.00.00.02, H2OSDE before version 200.00.00.07, H2OUVE before version 200.00.02.02, H2OPCM before version 100.00.06.00, H2OELV before version 100.00.02.08.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://eclypsium.com/2019/08/10/screwed-drivers-signed-sealed-delivered/
- https://www.insyde.com/security-pledge/SA-2019001
- https://security.netapp.com/advisory/ntap-20220223-0004/
References
- https://eclypsium.com/2019/08/10/screwed-drivers-signed-sealed-delivered/
- https://www.insyde.com/security-pledge/SA-2019001
- https://security.netapp.com/advisory/ntap-20220223-0004/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.