First published: Wed Nov 01 2023(Updated: )
A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Any of | ||
Intel B760 | ||
Intel C262 | ||
Intel C266 | ||
Intel Core i3-1305U firmware | ||
Intel Core i3-13100F Firmware | ||
Intel Core i3-13100E Firmware | ||
Intel Core i3-13100F Firmware | ||
Intel Core i3-13100T Firmware | ||
Intel Core i3-13100TE firmware | ||
Intel Core i3-1315U Firmware | ||
Intel Core i3-1315UE Firmware | ||
Intel Core i3-1315UE | ||
Intel Core i3-1320PE Firmware | ||
Intel Core i3-1320pre Firmware | ||
Intel Core i3-13300HE Firmware | ||
Intel Core i3-13300HRE firmware | ||
Intel Core i5-1334U firmware | ||
Intel Core i5-1335U firmware | ||
Intel Core i5-1335UE firmware | ||
Intel Core i5-13400 Firmware | ||
Intel Core i5-13400E | ||
Intel Core i5-13400 Firmware | ||
Intel Core i5-13400T firmware | ||
Intel Core i5-1340P Firmware | ||
Intel Core i5-1340PE firmware | ||
Intel Core i5-13420H Firmware | ||
Intel Core i5-13450HX firmware | ||
Intel Core i5-1345U Firmware | ||
Intel Core i5-1345UE Firmware | ||
Intel Core i5-1345UE | ||
Intel Core i5-13500 | ||
Intel core i5-13500E firmware | ||
Intel Core i5-13500H Firmware | ||
Intel Core i5-13500HX firmware | ||
Intel Core i5-13500T | ||
Intel Core i5-13500TE Firmware | ||
Intel Core i5-13505H Firmware | ||
Intel Core i5-1350P Firmware | ||
Intel Core i5-1350PE Firmware | ||
Intel Core i5-1350pre firmware | ||
Intel Core i5-13600 | ||
Intel Core i5-13600H firmware | ||
Intel Core i5-13600HE firmware | ||
Intel Core i5-13600HRE Firmware | ||
Intel Core i5-13600HX Firmware | ||
Intel Core i5-13600K Firmware | ||
Intel Core i5-13600KF Firmware | ||
Intel Core i5-13600T firmware | ||
Intel Core i5-14600K | ||
Intel Core i5-14600KF | ||
Intel Core i7-1355U | ||
Intel Core i7-1360P Firmware | ||
Intel Core i7-13620H Firmware | ||
Intel core i7-13650hx firmware | ||
Intel Core i7-1365URE | ||
Intel Core i7-1365URE | ||
Intel Core i7-1365ure firmware | ||
Intel Core i7-1366ure firmware | ||
Intel Core i7-13700 | ||
Intel Core i7-13700E Firmware | ||
Intel Core i7-13700F firmware | ||
Intel Core i7-13700H Firmware | ||
Intel Core i7-13700HX firmware | ||
Intel Core i7-13700K firmware | ||
Intel Core i7-13700KF | ||
Intel Core i7-13700T Firmware | ||
Intel Core i7-13700TE Firmware | ||
Intel Core i7-13705H Firmware | ||
Intel Core i7-1370PE | ||
Intel Core i7-1370PE firmware | ||
Intel Core i7-1370pre Firmware | ||
Intel Core i7-1375pre firmware | ||
Intel Core i7-13800H Firmware | ||
Intel Core i7-13800HE Firmware | ||
Intel Core i7-13800HRE Firmware | ||
Intel Core i7-13850HX Firmware | ||
Intel Core i7-14700K | ||
Intel Core i7-14700KF | ||
Intel Core i9-13900 | ||
Intel Core i9-13900E Firmware | ||
Intel Core i9-13900F Firmware | ||
Intel Core i9-13900H Firmware | ||
Intel Core i9-13900HK Firmware | ||
Intel Core i9-13900HX Firmware | ||
Intel Core i9-13900K Firmware | ||
Intel Core i9-13900K Firmware | ||
Intel Core i9-13900KS firmware | ||
Intel Core i9-13900 Series | ||
Intel Core i9-13900TE Firmware | ||
Intel Core i9-13905H Firmware | ||
Intel Core i9-13950HX Firmware | ||
Intel Core i9-13980HX Firmware | ||
Intel Core i9-14900K | ||
Intel Core i9-14900KF | ||
Intel H770 | ||
Intel HM770 | ||
Intel U300 | ||
Intel U300e | ||
Intel WM790 | ||
Intel Z790 | ||
Insyde H2O | =05.45.24.0039 | |
All of | ||
Any of | ||
Intel Atom x7211e | ||
Intel Atom x7213E | ||
Intel Atom x7425E | ||
Intel Core i3-N300 | ||
Intel Core i3-N305 | ||
Intel N100 | ||
Intel N200 | ||
Intel N50 | ||
Intel N95 | ||
Intel N97 | ||
Insyde H2O | =05.44.45.0017 | |
All of | ||
Any of | ||
Intel Celeron 7300 Firmware | ||
Intel Celeron 7305E Firmware | ||
Intel Celeron G6900 | ||
Intel Celeron G6900T | ||
Intel Core i3-12100 Firmware | ||
Intel Core i3-12100F Firmware | ||
Intel Core i3-12100T Firmware | ||
Intel Core i3-1210U Firmware | ||
Intel Core i3-1215U Firmware | ||
Intel Core i3-1220P Firmware | ||
Intel Core i3-12300 | ||
Intel Core i3-12300T Firmware | ||
Intel Core i5-1230U Firmware | ||
Intel Core i5-1235U firmware | ||
Intel Core i5-12400 | ||
Intel Core i5-12400F Firmware | ||
Intel Core i5-12400T firmware | ||
Intel Core i5-1240P Firmware | ||
Intel Core i5-1240U firmware | ||
Intel Core i5-12450H Firmware | ||
Intel Core i5-12450HX Firmware | ||
Intel Core i5-1245U | ||
Intel Core i5-12490F | ||
Intel Core i5-12500 | ||
Intel Core i5-12500H Firmware | ||
Intel Core i5-12500T Firmware | ||
Intel Core i5-1250P Firmware | ||
Intel Core i5-12600 | ||
Intel Core i5-12600H Firmware | ||
Intel Core i5-12600HX Firmware | ||
Intel Core i5-12600K Firmware | ||
Intel Core i5-12600KF Firmware | ||
Intel Core i5-12600T Firmware | ||
Intel Core i7-1250U Firmware | ||
Intel Core i7-1255U | ||
Intel Core i7-1260P Firmware | ||
Intel Core i7-1260U Firmware | ||
Intel Core i7-12650H Firmware | ||
Intel Core i7-12650HX Firmware | ||
Intel Core i7-1265U Firmware | ||
Intel Core i7-12700E Firmware | ||
Intel Core i7-12700F | ||
Intel Core i7-12700H Firmware | ||
Intel Core i7-12700K Firmware | ||
Intel Core i7-12700K | ||
Intel Core i7-12700T | ||
Intel Core i7-1270p Firmware | ||
Intel Core i7-12800H firmware | ||
Intel Core i7-12800HX Firmware | ||
Intel Core i7-1280p Firmware | ||
Intel Core i7-12850HX Firmware | ||
Intel Core i9-12900 | ||
Intel Core i9-12900F | ||
Intel Core i9-12900H firmware | ||
Intel Core i9-12900HK Firmware | ||
Intel Core i9-12900HX | ||
Intel Core i9-12900K Firmware | ||
Intel Core i9-12900K Firmware | ||
Intel Core i9-12900KS Firmware | ||
Intel Core i9-12900T Firmware | ||
Intel Core i9-12950HX Firmware | ||
Intel Pentium Gold 8500 | ||
Intel Pentium Gold 8505 | ||
Intel Pentium Gold G7400 | ||
Intel Pentium Gold G7400 | ||
Insyde H2O | =05.44.34.0055 | |
All of | ||
Any of | ||
AMD Ryzen 3 7335U Firmware | ||
AMD Ryzen 3 7440U Firmware | ||
AMD Ryzen 5 6600H firmware | ||
AMD Ryzen 5 6600HS Firmware | ||
AMD Ryzen 5 6600U Firmware | ||
AMD Ryzen 5 7535HS Firmware | ||
AMD Ryzen 5 7535U firmware | ||
AMD Ryzen 5 7540U | ||
AMD Ryzen 5 7545U | ||
AMD Ryzen 5 PRO 7640H | ||
AMD Ryzen 5 7640U Firmware | ||
AMD Ryzen 5 Pro 7640HS Firmware | ||
AMD Ryzen 7 6800H Firmware | ||
AMD Ryzen 7 6800HS firmware | ||
AMD Ryzen 7 6800U Firmware | ||
AMD Ryzen 7 7735HS Firmware | ||
AMD Ryzen 7 7735U Firmware | ||
AMD Ryzen 7 7736U | ||
AMD Ryzen 7 Pro 7840H | ||
AMD Ryzen 7 7840U | ||
AMD Ryzen 7 Pro 7840HS | ||
AMD Ryzen 9 6900HS Firmware | ||
AMD Ryzen 9 6900HX Firmware | ||
AMD Ryzen 9 6980HS Firmware | ||
AMD Ryzen 9 6980HX firmware | ||
AMD Ryzen 9 7940H | ||
AMD Ryzen 9 7940HS | ||
AMD Ryzen 9 Pro 7940HS | ||
AMD Ryzen Z1 | ||
AMD Ryzen Z1 Extreme | ||
amd v314 | ||
AMD V3C16 | ||
AMD Ryzen Embedded V3C18 | ||
AMD Ryzen Embedded V3C44 | ||
AMD Ryzen Embedded V3C48 | ||
Insyde H2O | =05.53.28.0013 | |
All of | ||
Any of | ||
Intel Celeron 7305L Firmware | ||
Intel Core i3-1215UL Firmware | ||
Intel Core i3-12300HL | ||
Intel Core i5-1235UL Firmware | ||
Intel Core i5-1245UL Firmware | ||
Intel Core i5-12500HL Firmware | ||
Intel Core i5-12600HL Firmware | ||
Intel Core i7-1255UL Firmware | ||
Intel Core i7-1265UL Firmware | ||
Intel Core i7-12700HL Firmware | ||
Intel Core i7-12800HL Firmware | ||
Insyde H2O | =05.45.38.0005 | |
All of | ||
Any of | ||
AMD Ryzen 7 7645HX | ||
AMD Ryzen 7 7745HX Firmware | ||
AMD Ryzen 7 7840HX | ||
AMD Ryzen 9 7645HX3D | ||
AMD Ryzen 9 7845HX firmware | ||
AMD Ryzen 9 7940HX | ||
AMD Ryzen 9 7945HX Firmware | ||
Insyde H2O | =05.53.23.0011 | |
All of | ||
Any of | ||
AMD Athlon Gold 7220U Firmware | ||
AMD Athlon Silver 7120U | ||
AMD Ryzen 3 7320U | ||
AMD Ryzen 5 7520u firmware | ||
Insyde H2O | =05.53.23.0014 | |
All of | ||
Any of | ||
AMD Ryzen 5 7500F Firmware | ||
AMD Ryzen 5 7600 | ||
AMD Ryzen 5 7600X Firmware | ||
AMD Ryzen Pro 7645 | ||
AMD Ryzen 7 7700 | ||
AMD Ryzen 7 7700X | ||
AMD Ryzen 7 7800X3D | ||
AMD Ryzen 7 Pro 7745 Firmware | ||
AMD Ryzen 9 7900 | ||
AMD Ryzen 9 7900X Firmware | ||
AMD Ryzen 9 7900X3D firmware | ||
AMD Ryzen 9 7950X | ||
AMD Ryzen 9 7950X3D | ||
AMD Ryzen Pro 7945 | ||
Insyde H2O | =05.53.22.0008 | |
All of | ||
Insyde H2O | =05.44.30.0022 | |
Any of | ||
AMD Ryzen 3 7335U Firmware | ||
AMD Ryzen 5 6600H firmware | ||
AMD Ryzen 5 6600HS Firmware | ||
AMD Ryzen 5 6600U Firmware | ||
AMD Ryzen 5 7535HS Firmware | ||
AMD Ryzen 5 7535U firmware | ||
AMD Ryzen 7 6800H Firmware | ||
AMD Ryzen 7 6800HS firmware | ||
AMD Ryzen 7 6800U Firmware | ||
AMD Ryzen 7 7735HS Firmware | ||
AMD Ryzen 7 7735U Firmware | ||
AMD Ryzen 7 7736U | ||
AMD Ryzen 9 6900HS Firmware | ||
AMD Ryzen 9 6900HX Firmware | ||
AMD Ryzen 9 6980HS Firmware | ||
AMD Ryzen 9 6980HX firmware | ||
All of | ||
Insyde H2O | =05.43.06.0021 | |
AMD Van Gogh | ||
All of | ||
Insyde H2O | =05.42.37.0031 | |
Any of | ||
AMD Ryzen 3 5100 Firmware | ||
AMD Ryzen 3 5125C Firmware | ||
AMD Ryzen 3 5300G Firmware | ||
AMD Ryzen 3 5300GE Firmware | ||
AMD Ryzen 3 5400U Firmware | ||
AMD Ryzen 3 5425U Firmware | ||
AMD Ryzen 3 Pro 7330U Firmware | ||
AMD Ryzen 5 5500 firmware | ||
AMD Ryzen 5 5500H Firmware | ||
AMD Ryzen 5 5500U | ||
AMD Ryzen 5 5560U Firmware | ||
AMD Ryzen 5 5600GT Firmware | ||
AMD Ryzen 5 5600GE Firmware | ||
AMD Ryzen 5 5600H Firmware | ||
AMD Ryzen 5 5600HS Firmware | ||
AMD Ryzen 5 5600U Firmware | ||
AMD Ryzen 5 5625U Firmware | ||
AMD Ryzen 5 Pro 7530U | ||
AMD Ryzen 7 5700U Firmware | ||
AMD Ryzen 7 5700G Firmware | ||
AMD Ryzen 7 5700GE Firmware | ||
AMD Ryzen 7 5700U Firmware | ||
AMD Ryzen 7 5800H Firmware | ||
AMD Ryzen 7 5800HS Firmware | ||
AMD Ryzen 7 5800U Firmware | ||
AMD Ryzen 7 5825U Firmware | ||
AMD Ryzen 7 PRO 7730U Firmware | ||
AMD Ryzen 9 5900HS Firmware | ||
AMD Ryzen 9 5900HX Firmware | ||
AMD Ryzen 9 5980HS Firmware | ||
AMD Ryzen 3 5300U |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-39281 is considered a critical vulnerability due to its potential for arbitrary code execution.
To fix CVE-2023-39281, updating the InsydeH2O UEFI BIOS to the latest version that addresses this vulnerability is necessary.
CVE-2023-39281 affects systems utilizing Intel and AMD processors that run the specified InsydeH2O UEFI BIOS versions.
Exploitation of CVE-2023-39281 can lead to unauthorized access, allowing attackers to execute arbitrary code during the DXE phase.
CVE-2023-39281 was disclosed in 2023 and is part of ongoing efforts to enhance cybersecurity in firmware.