{
  "id": "CVE-2023-25600",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-03T15:15:19.340",
  "lastModified": "2023-08-03T15:37:04.917",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in InsydeH2O. A malicious operating system can tamper with a runtime-writable EFI variable, leading to out-of-bounds memory reads and a denial of service. This is fixed in version 01.01.04.0016."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://www.insyde.com/security-pledge",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.insyde.com/security-pledge/SA-2023028",
      "source": "cve@mitre.org"
    }
  ]
}