InsydeH2O Drivers Buffer Overflow Vulnerability in egwindrv.sys

Vulnerability

A buffer overflow vulnerability has been identified in the InsydeH2O driver 'egwindrv.sys'. This vulnerability arises because the driver uses the RTL_QUERY_REGISTRY_DIRECT flag to read a registry value, which an untrusted user-mode application may exploit to cause a buffer overflow.
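The flag behaviour described above, as an added user-mode C model (not code from egwindrv.sys or from Insyde): with RTL_QUERY_REGISTRY_DIRECT alone, the type stored in the registry decides how the caller's destination is used, while RTL_QUERY_REGISTRY_TYPECHECK with the expected type encoded in DefaultType rejects a mismatched value. RTL_QUERY_REGISTRY_TYPECHECK is the companion flag from Microsoft's RtlQueryRegistryValues documentation and is not mentioned on this page. The struct names, model_query_ulong and MODEL_UNSAFE_STORE are hypothetical; the flag, type and status constants are the values from the Windows headers.

```c
#include <stdint.h>
#include <string.h>

/* Values as defined in the Windows headers (wdm.h, ntstatus.h). */
#define RTL_QUERY_REGISTRY_DIRECT          0x00000020u
#define RTL_QUERY_REGISTRY_TYPECHECK       0x00000100u
#define RTL_QUERY_REGISTRY_TYPECHECK_SHIFT 24
#define REG_NONE  0u
#define REG_SZ    1u
#define REG_DWORD 4u
#define STATUS_SUCCESS              0x00000000u
#define STATUS_OBJECT_TYPE_MISMATCH 0xC0000024u
#define MODEL_UNSAFE_STORE          0xE0000001u /* model-only marker, not a real NTSTATUS */

/* Hypothetical stand-in for the RTL_QUERY_REGISTRY_TABLE fields used here. */
struct entry { uint32_t Flags; uint32_t DefaultType; void *EntryContext; };
/* Constructed registry value: type and bytes are set by whoever can write the key. */
struct reg_value { uint32_t type; const void *data; uint32_t len; };

/* Simplified model of a direct query whose destination is a single ULONG. */
uint32_t model_query_ulong(const struct entry *e, const struct reg_value *v)
{
    if (e->Flags & RTL_QUERY_REGISTRY_TYPECHECK) {
        uint32_t expected = e->DefaultType >> RTL_QUERY_REGISTRY_TYPECHECK_SHIFT;
        if (v->type != expected)
            return STATUS_OBJECT_TYPE_MISMATCH; /* rejected before any store */
    }
    if (v->type != REG_DWORD || v->len != sizeof(uint32_t))
        return MODEL_UNSAFE_STORE; /* not a 4-byte REG_DWORD: the model flags it, stores nothing */
    memcpy(e->EntryContext, v->data, sizeof(uint32_t));
    return STATUS_SUCCESS;
}

/* Weak entry: DIRECT only, so the stored type decides how EntryContext is used. */
struct entry weak_entry(uint32_t *dst)
{
    struct entry e = { RTL_QUERY_REGISTRY_DIRECT, REG_NONE, dst };
    return e;
}

/* Hardened entry: the expected type goes in the top byte of DefaultType. */
struct entry hardened_entry(uint32_t *dst)
{
    struct entry e = { RTL_QUERY_REGISTRY_DIRECT | RTL_QUERY_REGISTRY_TYPECHECK,
                       (REG_DWORD << RTL_QUERY_REGISTRY_TYPECHECK_SHIFT) | REG_NONE, dst };
    return e;
}
```

In a real driver the hardened Flags and DefaultType values go into the RTL_QUERY_REGISTRY_TABLE entry passed to RtlQueryRegistryValues, and the caller treats STATUS_OBJECT_TYPE_MISMATCH as a failed read.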

Impact

Exploitation of this vulnerability could lead to a buffer overflow, allowing for potential arbitrary code execution or other malicious actions.

Remediation

Users are advised to update to version 200.02.01.00 or newer. For those using HP tools, versions 6.51.00, 1.2.4.0, 6.2.5.0, and 1.2.0.2 are recommended.

Added: Jan 14, 2026, 2:20 AM
Updated: Jan 14, 2026, 2:20 AM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 7.5
exploitability: 2.7
remediation: 7.7
relevance: 2.2
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.