CVSS Vector (NVD)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Description (NVD)
Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.
Analysis (AI)
CVE-2024-55567 is an improper input validation vulnerability in the UsbCoreDxe module of Insyde InsydeH2O firmware that allows authenticated local attackers with high privileges to bypass SMM (System Management Mode) protections and execute arbitrary code at the highest firmware privilege level. It affects multiple kernel versions (5.4, 5.5, 5.6, 5.7) across numerous OEM BIOS implementations, enabling complete system compromise, including kernel-level code execution and memory access. CVSS rates this as 7.5 (high). Real-world exploitation requires local access and administrative/BIOS-level privileges, and no public PoC or active KEV designation has been confirmed.
Technical Context (AI)
The vulnerability exists in UsbCoreDxe, a UEFI DXE (Driver Execution Environment) module responsible for USB device enumeration and communication. InsydeH2O is a proprietary BIOS/UEFI firmware platform used by numerous OEMs. SMM (System Management Mode) is a privileged x86 processor mode used for low-level hardware management tasks; it executes outside normal operating system control. The vulnerability is rooted in CWE-20 (Improper Input Validation), specifically in SMM call-out handlers that fail to properly validate parameters passed from less-privileged code. Attackers can craft malicious USB descriptor data or firmware interface calls to trigger out-of-bounds memory writes or unvalidated function pointer dereferences within SMRAM (SMM-protected memory), leading to arbitrary code execution at SMM level. The USB subsystem's position in the firmware stack makes this particularly dangerous, as USB initialization occurs before OS boot, with minimal validation of device descriptors.
Remediation (AI)
- method: Firmware Update (Primary); action: Update InsydeH2O kernel to patched versions: 5.4 to 05.47.01 or later, 5.5 to 05.55.01 or later, 5.6 to 05.62.01 or later, 5.7 to 05.71.01 or later. Contact OEM (Dell, HP, Lenovo, ASUS, etc.) for BIOS updates specific to your motherboard/system model, as InsydeH2O is integrated into OEM firmware distributions.
- method: Interim Mitigation (if patches unavailable); action: Restrict physical USB port access and disable USB device enumeration in BIOS settings if business continuity allows. Implement secure boot and firmware integrity verification (TPM-backed) to detect unauthorized modifications. Limit local administrative access and enable BIOS/firmware update authentication.
- method: Detection and Monitoring; action: Monitor system logs for unexpected SMM mode activity or firmware modifications. Implement firmware vulnerability scanning tools compatible with your UEFI firmware to detect vulnerable UsbCoreDxe versions.
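To apply the patched-version thresholds above across a fleet, the following added example (not part of the original page or any Insyde tooling) classifies InsydeH2O kernel version strings from an already-collected inventory. The `05.XY.ZZ` string format, the rule that maps a version to its branch, and the sample hostnames are assumptions.

```python
import re

# Fixed InsydeH2O kernel versions per branch, taken from the description above.
FIXED = {
    "5.4": (5, 47, 1),
    "5.5": (5, 55, 1),
    "5.6": (5, 62, 1),
    "5.7": (5, 71, 1),
}

_VERSION_RE = re.compile(r"^\s*(\d{1,2})\.(\d{2})\.(\d{2})\s*$")


def classify(kernel_version):
    """Return 'vulnerable', 'patched', 'out-of-scope' or 'unparseable'."""
    m = _VERSION_RE.match(kernel_version or "")
    if not m:
        return "unparseable"
    major, minor, patch = (int(g) for g in m.groups())
    # Assumption: the branch is the major number plus the tens digit of the
    # second field, so 05.47.01 belongs to branch 5.4.
    branch = f"{major}.{minor // 10}"
    fixed = FIXED.get(branch)
    if fixed is None:
        # Branch not listed on this page: not a statement that it is safe.
        return "out-of-scope"
    return "patched" if (major, minor, patch) >= fixed else "vulnerable"


def triage(inventory):
    """Map each (hostname, kernel_version) row to its classification."""
    return {host: classify(ver) for host, ver in inventory}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("lab-nb-01", "05.46.12"),
    ("lab-nb-02", "05.47.01"),
    ("lab-nb-03", "05.61.40"),
    ("lab-nb-04", "05.71.03"),
    ("lab-nb-05", "05.38.20"),
    ("lab-nb-06", "F.21"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Rows reported as `out-of-scope` or `unparseable` need a manual check against the OEM's own advisory, since OEM BIOS version strings often do not expose the Insyde kernel version directly.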
EUVD-2024-54678