3 matches found
CVE-2022-40261
creationtimestamp| type| source ---|---|--- 2022-09-20 22:39:44+00:00| seen| https://t.me/cibsecurity/50162...
CVE-2022-40261 SMM memory corruption vulnerability in OverClockSmiHandler SMM driver
An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system OS and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI...
CVE-2022-40261
CVE-2022-40261 concerns the OverClockSmiHandler SMM driver. The provided documents describe a local-privilege-escalation flaw that allows an attacker to elevate to System Management Mode (ring -2), execute arbitrary code in SMM, and bypass SMM‑based SPI flash protections, enabling a malicious BIO...