PT-2025-41922

Name of the Vulnerable Software and Affected Versions APTIOV affected versions not specified Description APTIOV BIOS contains a flaw that allows a local attacker to trigger an Out-of-bounds Write. Successful exploitation of this issue may result in data corruption and a loss of system availabilit...

Astra Linux – Vulnerability in edk2

EDK2 contains a vulnerability in the BIOS, where a user can cause an Integer Overflow or Wrap-around error through network means. Successful exploitation of this vulnerability may lead to a denial of service...

PT-2025-6683 · Intel · Intel Server M50Fcp

Name of the Vulnerable Software and Affected Versions: IntelR Server M50FCP family versions prior to R01.02.0002 Description: The issue is related to an uncontrolled search path element in some BIOS and System Firmware Update Packages. This could potentially allow a privileged user to enable...

PT-2024-11951 · Asp +1 · Asp +1

Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: The issue is related to incomplete cleanup in the ASP, which may expose the Master Encryption Key MEK to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltrati...

The vulnerability of UEFI (BIOS) in Huawei personal computers allows a hacker to gain unauthorized access to arbitrary functions.

The vulnerability of UEFI BIOS in Huawei personal computers is related to improper control of access to the SMI handler interface. Exploiting this vulnerability can allow an attacker to gain unauthorized access to arbitrary functions...

Intel BIOS Guard firmware 安全漏洞

Intel Bios is a basic input-output system used by Intel Corporation USA to perform hardware initialization during the power-on boot phase, as well as firmware that provides runtime services to the operating system. A security vulnerability exists in the Intel BIOS Guard firmware that stems from t...

Lenovo ThinkStation 安全漏洞

Lenovo ThinkStation Lenovo Desktop Workstation is a desktop workstation from the Chinese company Lenovo. A security vulnerability exists in the BIOS of Lenovo Desktop, Smart Edge, and ThinkStation, which originates from a vulnerability that allows a local attacker with elevated privileges to writ...

The vulnerability of the BIOS loading, update, backup, and recovery utility from the Phoenix WinPhlash flash device (previously known as Phoenix SecureCore Tiano WinFlash) is related to deficiencies in access control mechanisms, allowing attackers to escalate their privileges.

The vulnerability of the BIOS loading, backup, and recovery utility for the Phoenix WinPhlash flash device previously known as Phoenix SecureCore Tiano WinFlash is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges...

Intel Bios 安全漏洞

Intel Bios is a basic input-output system from Intel Corporation USA used to perform hardware initialization during the power-on boot phase, as well as firmware that provides runtime services to the operating system. A security vulnerability exists in Intel Bios. An attacker could exploit the...

PT-2023-12865 · Intel · Intel Processors

Name of the Vulnerable Software and Affected Versions: IntelR Processors affected versions not specified Description: The issue is related to improper access control in the BIOS firmware for some IntelR Processors. This may allow a privileged user to potentially enable escalation of privilege via...

Dell BIOS 输入验证错误漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, Inc. A security vulnerability exists in Dell BIOS that stems from an incorrect input validation vulnerability that could be exploited by a malicious, locally authenticated user with administrator privileges...

Dell BIOS 输入验证错误漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell USA. The Dell BIOS has a security vulnerability that originates from incorrect input validation. An attacker could exploit this vulnerability to execute arbitrary code in SMRAM using the SMI Serial Interface...

PT-2022-23627 · Intel · Intel Nuc 10 Performance Mini Pcs +1

Name of the Vulnerable Software and Affected Versions: IntelR NUC 10 Performance Kits and IntelR NUC 10 Performance Mini PCs versions prior to FNCML357.0053 Description: The issue is related to improper access control in BIOS firmware, which may allow a privileged user to enable escalation of...

Intel BIOS firmware 安全漏洞

Intel BIOS firmware is a set of programs from the U.S. company Intel that are solidified onto a ROM chip on the motherboard inside a computer. A security vulnerability exists in the Intel BIOS firmware that could lead to privilege escalation or information disclosure...

HP PC 安全漏洞

HP PC is a computer product of Hewlett-Packard HP Company, USA. A security vulnerability exists in the HP PC BIOS that allows privilege escalation, arbitrary code execution, unauthorized code execution, denial of service, and information disclosure...

The vulnerability of BIOS microprogramming systems in Dell laptops, related to insufficient verification of data authenticity, allows attackers to gain unauthorized access to protected information.

The vulnerability of BIOS microprogramming systems in Dell laptops is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

Intel Processors BIOS firmware 缓冲区错误漏洞

Intel Processors are American Intel Corporation's offerings that interpret computer instructions and process data in computer software. The Intel Processors BIOS firmware suffers from a buffer error vulnerability that stems from a potential security flaw in the BIOS firmware of Intel Processors. ...

reblog

Defeating a Laptop's BIOS Password We found a laptop laying a...

Absolute Computrace Agent stub component code execution vulnerability

Absolute Computrace Agent is an agent program for monitoring computer systems. A security vulnerability exists in the stub component of Absolute Computrace Agent version 70.785, which can be exploited to allow the program to execute certain code without a digital signature. A remote attacker can...

Multiple Dell devices vulnerable

Dell Latitude, etc. are the products of the United States Dell Dell company.Dell Latitude and OptiPlex are notebook product models; Precision Mobile Workstation is a precision mobile workstation; Precision Workstation CS is a set of mobile workstation Client; BIOS Basic Input-Output System is a s...