183 matches found
EDK2: integer overflow in CreateHob() could lead to HOB OOB R/W
A flaw was found in the CreateHob function in EDK2. An attacker, leveraging a local network, can initiate an integer overflow leading to a buffer overflow. This issue arises during size alignment within the CreateHob function, requiring activation in the PEI phase. Successful exploitation of this...
BMC software fails to validate IPMI session.
Overview The Intelligent Platform Management Interface IPMI implementations in multiple manufacturer's Baseboard Management Controller BMC software are vulnerable to IPMI session hijacking. An attacker with access to the BMC network with IPMI enabled can abuse the lack of session integrity to...
HP PC BIOS Pre-boot DMA Protection Security Update
A potential security vulnerability has been reported in the system BIOS of certain HP PC products, which might allow memory tampering. HP is releasing mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that mitigate th...
CVE-2023-43088
Dell Client BIOS contains a pre-boot direct memory access DMA vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device...
Design/Logic Flaw
Dell Client BIOS contains a pre-boot direct memory access DMA vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device...
CVE-2023-43088
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access can potentially exploit this to execute arbitrary code on the device. Advisory sources (NVD entry and related records) indicate the impact is focused on confidentiality, i...
CVE-2023-43088
Dell Client BIOS contains a pre-boot direct memory access DMA vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device...
Dell BIOS Security Vulnerability
Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell USA. A security vulnerability exists in Dell BIOS, which stems from pre-boot direct access to memory, and can be exploited by an attacker to execute arbitrary code on the device...
PT-2023-28692 · Dell · Dell Client Bios
Name of the Vulnerable Software and Affected Versions: Dell Client BIOS affected versions not specified Description: Dell Client BIOS contains a pre-boot direct memory access DMA vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability...
CVE-2023-29061
There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to the workstation can potentially exploit this vulnerability to access the BIOS configuration and modify the drive boot order and BIOS pre-boot authentication...
CVE-2023-29061
There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to the workstation can potentially exploit this vulnerability to access the BIOS configuration and modify the drive boot order and BIOS pre-boot authentication...
CVE-2023-29061
BD FACSChorus is affected by CVE-2023-29061 due to missing BIOS password on the workstation. In BD FACSChorus v5.0, v5.1, v3.0, and v3.1, a threat actor with physical access can access BIOS settings and modify boot order and pre-boot authentication. CVSS v3.1 base score 5.2 (AV:P, AC:L, PR:N, UI:...
PT-2023-24730 · Insyde · Insydeh2O
Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O versions 5.0 through 5.5 Description: An issue was discovered in SystemFirmwareManagementRuntimeDxe. The implementation of the GetImage method retrieves the value of a runtime variable named GetImageProgress, and later uses...
shim: 3rd party shim allow secure boot bypass
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...
shim: 3rd party shim allow secure boot bypass
A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...
CVE-2022-40080
Stack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges...
SUSE CVE-2022-34301
A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...
SUSE CVE-2022-34303
A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use...
CVE-2022-34302
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...
CVE-2022-34301
A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...