Insyde Product Security Update Advisory (CVE-2025-4275)

Jul 01 2025

Overview

We have released a security update to address a vulnerability in Insyde products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-4275

InsydeH2O Versions: 5.2 or later but before 05.2A.16
InsydeH2O Version: 5.3 or later but before 05.39.16
InsydeH2O Version: 5.4 or later but before 05.47.16
InsydeH2O version: 5.5 or later and less than 05.55.16
InsydeH2O version: 5.6 or later and less than 05.62.16
InsydeH2O version: 5.7 or later and less than 05.71.16

Resolved Vulnerabilities

Authentication Bypass and Secure Boot Bypass vulnerabilities in InsydeH2O (CVE-2025-4275)

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-4275

InsydeH2O kernel 5.2 version: 05.2A.16
InsydeH2O kernel 5.3 version: 05.39.16
InsydeH2O kernel 5.4 version: 05.47.16
InsydeH2O kernel 5.5 version: 05.55.16
InsydeH2O kernel 5.6 version: 05.62.16
InsydeH2O kernel 5.7 version: 05.71.16

References

[1] insyde-sa-2025002
https://www.insyde.com/security-pledge/sa-2025002/

Insyde Product Security Update Advisory (CVE-2025-4275)

Cisco Product Security Update Advisory

Printer and Multifunction Device Family Security Advisory

Tags:

Cisco Product Security Update Advisory

Printer and Multifunction Device Family Security Advisory