CVE-2024-21925

CVE-2024-21925 concerns the AmdPspP2CmboxV2 driver in the UEFI module. The flaw arises from insufficient input validation, enabling a privileged local attacker to overwrite SMRAM and achieve arbitrary code execution. Documentation notes this as a System Management Mode (SMM) related vulnerability...

CVE-2024-21925

Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution...

CVE-2024-33657

This SMM vulnerability affects certain modules, allowing privileged attackers to execute arbitrary code, manipulate stack memory, and leak information from SMRAM to kernel space, potentially leading to denial-of-service attacks...

CVE-2024-33657 Smm Callout in SmmComputrace Module

This SMM vulnerability affects certain modules, allowing privileged attackers to execute arbitrary code, manipulate stack memory, and leak information from SMRAM to kernel space, potentially leading to denial-of-service attacks...

CVE-2024-33657 Smm Callout in SmmComputrace Module

This SMM vulnerability affects certain modules, allowing privileged attackers to execute arbitrary code, manipulate stack memory, and leak information from SMRAM to kernel space, potentially leading to denial-of-service attacks...

Huawei PC Manager Improper Access Control Vulnerability

Huawei PC Manager is a computer management application from Huawei China. An improper access control vulnerability exists in Huawei PC Manager, which can be exploited by an attacker to cause a SMRAM disclosure...

CVE-2023-52710

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26, As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of...

CVE-2023-52548

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26 Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM...

CVE-2023-52547

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM...

CVE-2023-52547

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM...

CVE-2023-52710

CVE-2023-52710 affects Huawei MateBook D16 (Model CREM-WXX9, BIOS v2.26). The issue is insufficient validation of the communication buffer size, allowing partial overlap with the start of SMRAM and potentially enabling code execution in SMM. Connected documents confirm the affected hardware and r...

CVE-2023-52710

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26, As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of...

CVE-2023-52710

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26, As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of...

CVE-2023-52548

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26 Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM...

CVE-2023-52548

CVE-2023-52548 affects Huawei Matebook D16 (Model CREM-WXX9; BIOS v2.26). A buffer/ARbitrary memory corruption in the SMI Handler of the ThisiServicesSmm SMM module can allow a local attacker to corrupt SMRAM memory and potentially achieve code execution in SMM. Documented impact is high (CVE CVS...

CVE-2023-52548

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26 Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM...

CVE-2023-52547

Huawei Matebook D16 (Model CREM-WXX9, BIOS v2.26) is affected by memory corruption in the SMI Handler of the HddPassword SMM Module, which can corrupt data structures at the start of SMRAM and potentially enable code execution in SMM. This vulnerability, described in CVE-2023-52547 and linked Hua...

CVE-2023-52547

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM...

CVE-2023-52547

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM...

The vulnerability of UEFI (BIOS) microprogramming software in Huawei personal computers allows a hacker to execute arbitrary code.

The vulnerability of UEFI BIOS in Huawei personal computers is related to the execution of operations outside the buffer in SMRAM. Exploiting this vulnerability allows an attacker to execute arbitrary code in System Management Mode SMM...