How severe is CVE-2023-22616?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2023-22616?

This is classified as CWE-610, which is a common weakness in software security.

CVE-2023-22616 - HIGH Severity | CVSS 7.8

Vulnerability Description

An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM.

Related Vulnerabilities

CVE-2018-9582

HIGH

CVSS:7.8(High)

In package installer in Android-8.0, Android-8.1 and Android-9, there is a possible bypass of the unknown source warning due to a confused deputy scenario. This could lead to local escalation of privi...

CWE-6102018

CVE-2019-15394

HIGH

CVSS:7.8(High)

The Asus ZenFone 5 Selfie Android device with a build fingerprint of asus/WW_Phone/ASUS_X017D_1:7.1.1/NMF26F/14.0400.1810.061-20181107:user/release-keys contains a pre-installed app with a package nam...

CWE-6102019

CVE-2019-15405

HIGH

CVSS:7.8(High)

The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/CN_X00K/ASUS_X00K_1:7.0/NRD90M/CN_X00K-14.01.1711.27-20180420:user/release-keys contains a pre-installed app with a package name of...

CWE-6102019

CVE-2019-15418

HIGH

CVSS:7.8(High)

CWE-6102019

CVE-2019-15419

HIGH

CVSS:7.8(High)

The Asus ASUS_X015_1 Android device with a build fingerprint of asus/CN_X015/ASUS_X015_1:7.0/NRD90M/CN_X015-14.00.1709.35-20171215:user/release-keys contains a pre-installed app with a package name of...

CWE-6102019

CVE-2019-15429

HIGH

CVSS:7.8(High)

The Panasonic ELUGA_I9 Android device with a build fingerprint of Panasonic/ELUGA_I9/ELUGA_I9:7.0/NRD90M/1501740649:user/release-keys contains a pre-installed app with a package name of com.ovvi.modem...

CWE-6102019