Lucene search
K

4 matches found

OSV
OSV
added 2024/05/28 7:15 a.m.5 views

CVE-2023-52711

Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory thus potentially...

7.8CVSS6.1AI score0.00115EPSS
Exploits0References1
OSV
OSV
added 2022/09/20 6:15 p.m.4 views

CVE-2022-40261

An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system OS and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI...

8.2CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added 2022/09/20 5:35 p.m.24 views

CVE-2022-40261 SMM memory corruption vulnerability in OverClockSmiHandler SMM driver

An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system OS and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI...

8.5AI score0.0033EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2022/04/19 12:31 p.m.66 views

New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops

Three high-impact Unified Extensible Firmware Interface UEFI security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices. Tracked as CVE-2021-3970, CVE-2021-3971, and...

7.2CVSS1.3AI score0.02999EPSS
Exploits1
Rows per page
Query Builder