Vulnerability Details : CVE-2022-35408
Potential exploit
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possible arbitrary code execution in SMM and escalation of privileges. An attacker could overwrite the function pointers in the EFI_BOOT_SERVICES table before the USB SMI handler triggers. (This is not exploitable from code running in the operating system.)
Products affected by CVE-2022-35408
- cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-35408
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 19 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-35408
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
8.2
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
1.5
|
6.0
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-05-27 |
|
8.2
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
1.5
|
6.0
|
NIST |
CWE ids for CVE-2022-35408
-
Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
References for CVE-2022-35408
-
https://www.insyde.com/security-pledge
Insyde's Security Pledge | Insyde SoftwareVendor Advisory
-
https://www.insyde.com/security-pledge/SA-2022031
Insyde Security Advisory 2022031 | Insyde SoftwareVendor Advisory
-
https://binarly.io/advisories/BRLY-2022-022/index.html
[BRLY-2022-022] SMM callout vulnerability in SMM driver (SMM arbitrary code execution).Exploit;Third Party Advisory
Jump to