2 matches found
GhostLock: SMB Deny-Share Handles As a Zero-Privilege Availability Weapon
GhostLock demonstrates that a low-privileged Windows domain user with standard read access to an SMB share can produce ransomware-equivalent organizational availability impact with zero writes, zero encryption, and zero signals in every behavioral defense the modern enterprise security stack...
PT-2024-11955 · Smm +1 · Smm +1
Name of the Vulnerable Software and Affected Versions: SMM affected versions not specified Description: A TOCTOU Time-Of-Check-Time-Of-Use issue in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer, potentially resulting ...