77 matches found
PT-2024-2748
Name of the Vulnerable Software and Affected Versions HP Workstation PCs affected versions not specified Description A potential security issue has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of...
CVE-2023-39537 Improper input validation in BIOS TCG2
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability...
Multi-vendor BIOS Security Vulnerabilities (October 2023) - Lenovo Support US
No description provided...
Multi-vendor BIOS Security Vulnerabilities (August 2023) - Lenovo Support US
No description provided...
Input validation
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable...
CVE-2022-31638
Potential time-of-check to time-of-use TOCTOU vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure...
Information disclosure
Potential Time-of-Check to Time-of Use TOCTOU vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure...
K24359631: Intel BIOS firmware vulnerability CVE-2022-21198
Security Advisory Description Time-of-check time-of-use race condition in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-21198 Impact There is no impact; F5 products are not affected by this...
CVE-2021-3809
Potential security vulnerabilities have been identified in the BIOS UEFI Firmware for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities...
Design/Logic Flaw
Potential security vulnerabilities have been identified in the BIOS UEFI Firmware for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities...
CVE-2022-40250
An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system OS and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI...
CVE-2022-26859
Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM...
2022.2 IPU – BIOS Advisory
Summary: A potential security vulnerability in the BIOS firmware for some Intel® Processors may allow escalation of privilege. Intel is releasing BIOS updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33060 Description: Out-of-bounds write in the BIOS firmwa...
CVE-2022-26863
Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM...
2022.1 IPU – BIOS Advisory
Summary: Potential security vulnerabilities in the BIOS firmware or BIOS authenticated code module for some Intel® Processors may allow escalation of privilege or information disclosure. Intel is releasing BIOS updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID:...
CVE-2021-33124
Out-of-bounds write in the BIOS authenticated code module for some IntelR Processors may allow a privileged user to potentially enable aescalation of privilege via local access...
CVE-2021-0159
Improper input validation in the BIOS authenticated code module for some IntelR Processors may allow a privileged user to potentially enable aescalation of privilege via local access...
Multi-vendor BIOS Security Vulnerabilities (May 2022) - Lenovo Support US
No description provided...
CVE-2022-23927
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure...
UX360CA BIOS through 303 on ASUS Code Execution Vulnerability
The Asus UX360CA BIOS through 303 is a laptop from Asus Japan. The UX360CA BIOS through 303 on ASUS contains a security vulnerability that can be exploited by an attacker to overwrite almost any physical memory location and execute arbitrary code in the SMM...