InsydeH2O Drivers Buffer Overflow Vulnerability

Vulnerability

A buffer overflow vulnerability has been identified in the InsydeH2O tool packages. The issue arises because the drivers use the RTL_QUERY_REGISTRY_DIRECT flag to read a registry value, which an untrusted user-mode application may exploit to cause a buffer overflow. This vulnerability affects several drivers, including H2OFFT32.sys, H2OFFT64.sys, egwindrv.sys, and egwindrvx64.sys.
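As an added illustration (not Insyde's code and not part of the advisory), the user-mode C model below shows the general hazard Microsoft documents for RtlQueryRegistryValues with RTL_QUERY_REGISTRY_DIRECT: the type stored in the registry decides how the destination is interpreted, and adding RTL_QUERY_REGISTRY_TYPECHECK makes a mismatch fail instead. model_query, the Q_* codes, struct ustr and the read_dword_* call sites are hypothetical names; the advisory does not state which value type the affected drivers expected.

```c
/* User-mode model of a direct registry read; not driver or vendor code. */
#include <stdint.h>
#include <stdio.h>
/* Constants as defined in the Windows SDK/WDK headers. */
#define REG_SZ    1u
#define REG_DWORD 4u
#define RTL_QUERY_REGISTRY_DIRECT          0x00000020u
#define RTL_QUERY_REGISTRY_TYPECHECK       0x00000100u
#define RTL_QUERY_REGISTRY_TYPECHECK_SHIFT 24

/* Hypothetical result codes used only by this model. */
enum { Q_OK, Q_TYPE_MISMATCH, Q_OVERRUN, Q_NOT_MODELLED };
/* Stand-in for the UNICODE_STRING header the routine expects for REG_SZ. */
struct ustr { uint16_t Length, MaximumLength; uint64_t Buffer; };

/* dest_size: bytes really available at EntryContext.
   stored_type: chosen by whoever wrote the registry value. */
int model_query(uint32_t flags, uint32_t default_type, size_t dest_size,
                uint32_t stored_type)
{
    size_t touched;
    if (!(flags & RTL_QUERY_REGISTRY_DIRECT)) return Q_NOT_MODELLED;
    if ((flags & RTL_QUERY_REGISTRY_TYPECHECK) &&
        (default_type >> RTL_QUERY_REGISTRY_TYPECHECK_SHIFT) != stored_type)
        return Q_TYPE_MISMATCH;   /* real routine: STATUS_OBJECT_TYPE_MISMATCH */
    if (stored_type == REG_DWORD)   touched = sizeof(uint32_t);
    else if (stored_type == REG_SZ) touched = sizeof(struct ustr);
    else return Q_NOT_MODELLED;
    return touched > dest_size ? Q_OVERRUN : Q_OK;
}

/* Call site that expects a DWORD and passes a 4-byte variable. */
int read_dword_weak(uint32_t stored_type)
{
    return model_query(RTL_QUERY_REGISTRY_DIRECT, 0, sizeof(uint32_t), stored_type);
}

/* Same call site with the expected type declared, so a mismatch is rejected. */
int read_dword_hardened(uint32_t stored_type)
{
    return model_query(RTL_QUERY_REGISTRY_DIRECT | RTL_QUERY_REGISTRY_TYPECHECK,
                       REG_DWORD << RTL_QUERY_REGISTRY_TYPECHECK_SHIFT, sizeof(uint32_t), stored_type);
}

int main(void)
{
    printf("weak SZ=%d, hardened SZ=%d\n", read_dword_weak(REG_SZ), read_dword_hardened(REG_SZ));
    return 0;
}
```

The model covers only the REG_DWORD and REG_SZ cases; other value types return Q_NOT_MODELLED.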

Impact

Exploitation of this vulnerability could lead to a buffer overflow, allowing for potential arbitrary code execution or causing a system crash.

Remediation

Users are advised to update as follows: version 6.76.00 for the mobile version of H2OFFT; version 200.02.01.00 for the server/embedded version of H2OFFT; version 200.02.01.00 for H2OUVE, H2OSDE, H2ORTE, H2OOAE, H2OPCM, H2OELV, H2OUVE_ARM, H2OSDE_ARM, and H2ORTE_ARM; or the latest version of the OEM tools HP FlashWin, HP Readback tool, HP FlashVerifyUtility, or HP IsSecureBootKeyInstaller.

Added: Jan 14, 2026, 1:20 AM
Updated: Jan 14, 2026, 1:20 AM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 7.5
exploitability: 2.9
remediation: 7.7
relevance: 2.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.