DescriptionImproper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.02~5.28, and, H2OOAE before version, H2OSDE before version, H2OUVE before version, H2OPCM before version, H2OELV before version
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium


NOT-FOR-US: Insyde software tools

Search for package or bug name: Reporting problems