6 matches found
EUVD-2022-43559
Malicious code in bioql PyPI...
CVE-2023-52711
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory thus potentially...
CVE-2022-40261 SMM memory corruption vulnerability in OverClockSmiHandler SMM driver
An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system OS and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI...
CVE-2021-21574
Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions...
CVE-2021-21573
Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions...
Dell BIOSConnect feature 缓冲区错误漏洞
Dell BIOSConnect is an underlying platform from Dell USA that enables BIOS to connect to Dell's HTTP backend and load images via HTTP methods. A buffer error vulnerability exists in the Dell BIOSConnect feature that can be exploited by an attacker to run arbitrary code and bypass UEFI restriction...