Insyde InsydeH2O TOCTOU Race-Condition Vulnerability

Insyde InsydeH2O TOCTOU Race-Condition Vulnerability

CVE-2022-24351 · MEDIUM Severity

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29, Kernel 5.3 before version 05.36.29, Kernel 5.4 version before 05.44.13, and Kernel 5.5 before version 05.52.13 allows an attacker to alter data and code used by the remainder of the boot process.

Learn more about our Web Application Penetration Testing UK.