SMM Lock Bypass

🗓️ 09 Aug 2024 00:00:00Reported by amd.comType

amd🔗 www.amd.com👁 85 Views

Attacker can modify SMM configuration despite SMM Lock, leading to potential arbitrary code execution.

Reporter	Title	Published	Views	Family All 128
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)	27 May 202523:25	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in linux-firmware (CVE-2023-20584, CVE-2023-31315, CVE-2023-31356) affect Power HMC.	15 Apr 202503:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities	30 Jan 202513:31	–	ibm
FreeBSD	AMD CPUs -- Guest Memory Vulnerabilities	9 Aug 202400:00	–	freebsd
Tenable Nessus	Amazon Linux 2023 : iwl100-firmware, iwl105-firmware, iwl135-firmware (ALAS2023-2024-706)	19 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : linux-firmware (ALAS-2024-2626)	21 Aug 202400:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0223: linux-firmware (ALINUX3-SA-2024:0223)	14 May 202500:00	–	nessus
Tenable Nessus	Fedora 41 : linux-firmware (2024-3cd42e9e29)	14 Nov 202400:00	–	nessus
Tenable Nessus	Fedora 39 : linux-firmware (2024-3dbf10c949)	17 Sep 202400:00	–	nessus
Tenable Nessus	Fedora 40 : linux-firmware (2024-f32e633786)	11 Sep 202400:00	–	nessus

18 Nov 2024 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 3.17.5

EPSS0.00032

SSVC