Privilege escalation in Insyde software for mobile platforms
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-39281 |
| CWE-ID | CWE-121 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Mehlow Mobile applications / Mobile firmware & hardware Mehlow-R(CFL-S) Mobile applications / Mobile firmware & hardware Tatlow (RKS) Mobile applications / Mobile firmware & hardware Raptor Lake Mobile applications / Mobile firmware & hardware Alder Lake N Mobile applications / Mobile firmware & hardware Alder Lake Mobile applications / Mobile firmware & hardware Phoenix FP7_FP8 / Hawk Point 5.5 Mobile applications / Mobile firmware & hardware Dragon Range Mobile applications / Mobile firmware & hardware Mendocino Mobile applications / Mobile firmware & hardware Raphael Mobile applications / Mobile firmware & hardware Rembrandt Mobile applications / Mobile firmware & hardware VanGogh Mobile applications / Mobile firmware & hardware Barcelo Mobile applications / Mobile firmware & hardware Cezanne Mobile applications / Mobile firmware & hardware Lucienne Mobile applications / Mobile firmware & hardware |
| Vendor | Insyde Software |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Stack-based buffer overflow
EUVDB-ID: #VU82610
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39281
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in AsfSecureBootDxe. A local user can trigger a stack-based buffer overflow and execute arbitrary code during DXE phase during DXE phase.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMehlow: All versions
Mehlow-R(CFL-S): All versions
Tatlow (RKS): All versions
Raptor Lake: before 05.45.24.0039
Alder Lake N: before 05.44.45.0017
Alder Lake: before 05.44.34.0055
Phoenix FP7_FP8 / Hawk Point 5.5: before 05.53.28.0013
Dragon Range: before 05.53.23.0011
Mendocino: before 05.53.23.0014
Raphael: before 05.53.22.0008
Rembrandt: before 05.44.30.0022
VanGogh: before 05.43.06.0021
Barcelo: before 05.42.37.0031
Cezanne: before 05.42.37.0031
Lucienne: before 05.42.37.0031
CPE2.3- cpe:2.3:a:insyde_software:mehlow:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:mehlow-r_cfl-s:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:tatlow_rks:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:raptor_lake:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:alder_lake_n:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:alder_lake:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:phoenix_fp7_fp8_hawk_point_5.5:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:dragon_range:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:mendocino:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:raphael:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:rembrandt:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:vangogh:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:barcelo:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:cezanne:*:*:*:*:*:*:*:*
- cpe:2.3:a:insyde_software:lucienne:*:*:*:*:*:*:*:*
https://www.insyde.com/security-pledge/SA-2023054
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
