5 matches found
HPESBCR04982 rev.1 - HPE Cray XD670 Server Using UEFI, Multiple Vulnerabilities
Potential Security Impact: Local: Code Execution; Remote: Denial of Service DoS, Disclosure of Information, Buffer Overflow SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Cray XD670 - Prior to v2.06 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | |...
SMM callout vulnerabilities identified in Gigabyte UEFI firmware modules
Overview System Management Mode SMM callout vulnerabilities have been identified in UEFI modules present in Gigabyte firmware. An attacker could exploit one or more of these vulnerabilities to elevate privileges and execute arbitrary code in the SMM environment of a UEFI-supported processor. Whil...
K000150432: Intel UEFI vulnerabilities CVE-2024-39279 and CVE-2024-28047
Security Advisory Description CVE-2024-39279 Insufficient granularity of access control in UEFI firmware in some IntelR processors may allow a authenticated user to potentially enable denial of service via local access. CVE-2024-28047 Improper input validation in UEFI firmware for some IntelR...
HPESBNW04239 rev.3 - HPE Aruba 9000 Series Gateways, Multiple UEFI Vulnerabilities
Potential Security Impact: Local: Access Restriction Bypass, Arbitrary Code Execution, Compromise of System Integrity, Elevated Privileges, Gain Extended Privileges, Increase in Privilege, memory corruption SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba 9000 Gateway - See...
DHS Warns of UEFI Hardware Vulnerabilities
The CERT/CC at Carnegie Mellon University today released three advisories warning of vulnerabilities that affect some unified extensible firmware interface UEFI systems and the BIOS of some Intel chipsets. Hardware and firmware vulnerabilities, such as these reported by Corey Kallenberg of MITRE...