CVE-2024-52878 | Insyde InsydeH2O up to 05.70.49 VariableRuntimeDxe Driver VariableServicesSetVariable buffer overflow

A vulnerability has been found in Insyde InsydeH2O up to 05.70.49 and classified as critical. Affected by this vulnerability is the function VariableServicesSetVariable of the component VariableRuntimeDxe Driver. The manipulation leads to buffer overflow.

This vulnerability is known as CVE-2024-52878. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More