How severe is CVE-2024-27353?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2024-27353?

This is classified as CWE-822, which is a common weakness in software security.

CVE-2024-27353

HIGH Year: 2024

CVSS v3 Score

7.4

High

Weakness Type

CWE-822

View all →

Vulnerability Description

A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM.

CVE-2024-25078

HIGH

CVSS:7.4(High)

A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, ke...

CWE-8222024

CVE-2017-12719

HIGH

CVSS:7.5(High)

An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program caus...

CWE-8222017

CVE-2017-16728

HIGH

CVSS:7.5(High)

An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid...

CWE-8222017

CVE-2020-1899

HIGH

CVSS:7.5(High)

The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were stat...

CWE-8222020