Main Vulnerability Database Vulnerabilities #VU81907

Security features bypass in InsydeH2O Kernel - CVE-2023-30633

Published: October 11, 2023

Vulnerability identifier: #VU81907

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-30633

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Insyde Software

Affected software:
InsydeH2O Kernel

Detailed vulnerability description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists within the TrEEConfigDriver driver that can report false TPM PCR values. An attacker with physical access to device can write arbitrary values into Platform Configuration Register (PCR) banks and mask malicious activity on the device.

How to mitigate CVE-2023-30633

Install updates from vendor's website.

Sources

https://www.insyde.com/security-pledge/SA-2023045

Security features bypass in InsydeH2O Kernel - CVE-2023-30633

Detailed vulnerability description

How to mitigate CVE-2023-30633

Sources

Please verify you're human