CVE-2022-26873

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines VMs and bypassing memory isolation and...

PT-2022-14974 · Ami · Ami Aptio 5.X

Name of the Vulnerable Software and Affected Versions: AMI Aptio 5.x Description: This issue allows an attacker with physical access to execute arbitrary code during the DXE phase. A malicious code installed as a result of vulnerability exploitation in the DXE driver could survive across an...