Advisory Published
Updated

CVE-2023-30633

First published: Thu Oct 19 2023(Updated: )

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers (PCRs) to record information about device and software configuration to ensure that the boot process is secure. (For example, Windows uses these PCR measurements to determine device health.) A vulnerable device can masquerade as a healthy device by extending arbitrary values into Platform Configuration Register (PCR) banks. This requires physical access to a target victim's device, or compromise of user credentials for a device. This issue is similar to CVE-2021-42299 (on Surface Pro devices).

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Insyde InsydeH2O>=5.3<5.3.05.37.17
Insyde InsydeH2O>=5.4<5.4.05.45.17
Insyde InsydeH2O>=5.5<5.5.05.53.17
Insyde InsydeH2O>=5.6<5.6.05.60.17
Insyde InsydeH2O=5.2

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2023-30633?

    CVE-2023-30633 is an issue discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel versions 5.0 through 5.5 that can report false TPM PCR values, potentially masking malware activity.

  • Which devices are affected by CVE-2023-30633?

    Devices using Insyde InsydeH2O with kernel versions 5.0 through 5.5 are affected by CVE-2023-30633.

  • How does CVE-2023-30633 impact device security?

    CVE-2023-30633 can mask malware activity by reporting false TPM PCR values, potentially compromising device security.

  • What is the severity level of CVE-2023-30633?

    CVE-2023-30633 has a severity level of medium, with a severity value of 5.3.

  • How can I fix CVE-2023-30633?

    To fix CVE-2023-30633, it is recommended to update the affected Insyde InsydeH2O firmware to a version that addresses the vulnerability. Please refer to the vendor's security advisory for specific instructions.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203