Lucene search
K
AmiAptio V

30 matches found

CVE
CVE
added 2023/12/06 3:15 p.m.96 views

CVE-2023-39539

CVE-2023-39539 corresponds to a vulnerability in AMI AptioV BIOS where a user with local access can trigger an unrestricted upload of a PNG logo file (via the BMP Logo Handler) with a dangerous type. The underlying issue is described as a local elevation/impactful modification of boot-time/logo h...

7.8CVSS7.5AI score0.00623EPSS
CVE
CVE
added 2023/12/06 3:17 p.m.92 views

CVE-2023-39538

CVE-2023-39538 concerns AMI AptioV BIOS where an attacker with local access can trigger an unrestricted upload of a BMP Logo file deemed dangerous, potentially affecting confidentiality, integrity, and availability. The vulnerability stems from BMP logo handling in AMI AptioV BIOS and has been di...

7.8CVSS7.5AI score0.00224EPSS
CVE
CVE
added 2025/05/13 2:2 p.m.74 views

CVE-2024-42446

CVE-2024-42446 affects AMI AptioV BIOS with a TOCTOU race condition in BIOS code that can be triggered by a local attacker, potentially leading to arbitrary code execution. The description and connected sources consistently cite a local-exploit path and a high-impact outcomes (arbitrary code exec...

7.5CVSS7.7AI score0.00111EPSS
CVE
CVE
added 2022/09/20 5:35 p.m.72 views

CVE-2022-26873

CVE-2022-26873 affects AMI Aptio 5.x PlatformInitAdvancedPreMem. The issue is described as a stack buffer overflow in PlatformInitAdvancedPreMem that can allow arbitrary code execution during the PEI phase, potentially enabling mitigation bypass, memory contents disclosure, VM secrets access, and...

8.2CVSS8.2AI score0.00402EPSS
CVE
CVE
added 2022/09/20 5:35 p.m.69 views

CVE-2022-40262

CVE-2022-40262 concerns memory corruption in the S3Resume2Pei component that can allow arbitrary code execution during the PEI phase and affect subsequent boot stages. The affected element is injected into SMRAM, with potential to bypass mitigations, disclose physical memory, access secrets from ...

8.2CVSS8.2AI score0.00311EPSS
CVE
CVE
added 2022/09/20 5:35 p.m.62 views

CVE-2022-40261

CVE-2022-40261 concerns the OverClockSmiHandler SMM driver. The provided documents describe a local-privilege-escalation flaw that allows an attacker to elevate to System Management Mode (ring -2), execute arbitrary code in SMM, and bypass SMM‑based SPI flash protections, enabling a malicious BIO...

8.2CVSS8.3AI score0.0033EPSS
CVE
CVE
added 2024/11/12 3:0 p.m.60 views

CVE-2024-42442

CVE-2024-42442 concerns AMI AptioV BIOS vulnerability: a network-triggered flaw allows code execution outside the intended System Management Mode by compromising BIOS memory boundaries. The description notes a memory-buffer restriction breach enabling execution beyond SMRAM, with exploitation des...

8.8CVSS7.3AI score0.00788EPSS
CVE
CVE
added 2025/05/29 2:0 p.m.59 views

CVE-2025-33043

CVE-2025-33043 is an SMM/AMI AptioV BIOS vulnerability involving improper input validation in BIOS code, enabling local attacker to redirect memory references into SMRAM and potentially execute code in the System Management Mode. The impact is elevation of privileges with the ability to modify fi...

6.1CVSS6.9AI score0.00174EPSS
CVE
CVE
added 2022/09/20 5:35 p.m.58 views

CVE-2022-40250

CVE-2022-40250 affects AMI Aptio 5.x via a stack overflow in the SMI handler of SmmSmbiosElog. The vulnerability allows local privilege escalation to System Management Mode (SMM), enabling arbitrary code execution in a highly privileged context, bypassing SMM SPI flash protections and potentially...

8.8CVSS8.8AI score0.00448EPSS
CVE
CVE
added 2024/11/12 3:1 p.m.58 views

CVE-2024-33658

AMI AptioV BIOS contains a local vulnerability (improper restriction of operations within the bounds of a memory buffer). The issue can be exploited locally to escalate privileges and potentially execute arbitrary code, impacting integrity. Connected sources identify AptioV BIOS as the affected c...

7.8CVSS7.3AI score0.00189EPSS
CVE
CVE
added 2023/09/12 3:21 p.m.51 views

CVE-2023-34470

AMI AptioV BIOS contains an access-control vulnerability allowing an attacker on the local network to potentially compromise confidentiality, integrity, and availability. The root cause is an improper access-control policy in the BIOS. The CVE entry notes impact but does not provide concrete expl...

7.8CVSS6.8AI score0.00153EPSS
CVE
CVE
added 2024/11/12 3:1 p.m.49 views

CVE-2024-2315

CVE-2024-2315 concerns AMI AptioV BIOS firmware with an issue labeled as an improper access control vulnerability in the BIOS that could allow a local attacker to modify SPI flash and trigger BIOS boot kit launches, potentially affecting availability and, to a lesser extent, integrity according t...

7.1CVSS6.3AI score0.00127EPSS
CVE
CVE
added 2024/11/12 3:0 p.m.44 views

CVE-2024-33660

CVE-2024-33660 describes a vulnerability in AMI AptioV firmware whereby an attacker with physical access can manipulate SPI flash without detection, potentially enabling firmware tampering. Connected sources (CNNVD, CIRCL, CVELIST, VULNRICHMENT) corroborate AMI AptioV/SPI‑flash context; however, ...

5.2CVSS4.5AI score0.00144EPSS
CVE
CVE
added 2024/08/21 4:16 p.m.42 views

CVE-2024-33656

CVE-2024-33656 affects the DXE module SmmComputrace. The vulnerability enables local attackers to leak stack or global memory, potentially causing privilege escalation, arbitrary code execution, and bypassing OS security mechanisms. Affects DXE SmmComputrace with local attack vector, low attack c...

7.8CVSS7.7AI score0.00162EPSS
CVE
CVE
added 2024/08/21 4:17 p.m.42 views

CVE-2024-33657

CVE-2024-33657 describes a SMM vulnerability (SmmCallout in SmmComputrace Module) that could allow a local, privileged attacker to execute arbitrary code, manipulate stack memory, and leak data from SMRAM to kernel space, potentially causing a denial of service. Affected component is within SMM/C...

7.8CVSS7.6AI score0.00193EPSS
CVE
CVE
added 2025/03/11 2:1 p.m.42 views

CVE-2024-54084

CVE-2024-54084: APTIOV BIOS vulnerability causes a TOCTOU race condition that an attacker can exploit locally to achieve arbitrary code execution. Documents indicate an impact to BIOS components with high confidentiality, integrity, and availability implications and a local attack vector with hig...

7.5CVSS7.5AI score0.00114EPSS
CVE
CVE
added 2025/02/11 3:0 p.m.41 views

CVE-2024-33659

The CVE-2024-33659 entry concerns AMI AptioV BIOS with an Improper Input Validation flaw that allows a local attacker to overwrite memory and execute arbitrary code at the System Management Mode (SMM) level, impacting confidentiality, integrity, and availability. Documents consistently identify t...

8.8CVSS7.4AI score0.0016EPSS
CVE
CVE
added 2025/01/14 3:0 p.m.40 views

CVE-2024-42444

CVE-2024-42444 affects AMI AptioV BIOS and is described as a TOCTOU race condition involving BIOS components (DMA/SMM) that may allow local attackers to execute arbitrary code on the target device. The available sources consistently report a BIOS-level vulnerability with a TOCTOU contention condi...

7.8CVSS7.6AI score0.00117EPSS
CVE
CVE
added 2023/09/12 3:21 p.m.39 views

CVE-2023-34469

The CVE-2023-34469 entry refers to AMI AptioV BIOS with an improper access control issue over the physical network, leading to a potential loss of confidentiality. Documents consistently describe the vulnerability as BIOS-related, affecting BIOS/firmware behavior, but do not provide concrete expl...

4.9CVSS4.6AI score0.00216EPSS
CVE
CVE
added 2023/11/14 9:23 p.m.37 views

CVE-2023-39535

CVE-2023-39535 concerns AMI AptioV BIOS with a vulnerability due to improper input validation that can be triggered over a local network. Affected: AMI AptioV BIOS firmware (BIOS-level component). Root cause: input validation weakness in the BIOS enabling a local network attacker to potentially c...

7.8CVSS7.4AI score0.00206EPSS
CVE
CVE
added 2023/11/14 9:24 p.m.36 views

CVE-2023-39537

AMI AptioV BIOS contains a vulnerability where improper input validation over a local network can lead to loss of confidentiality, integrity, and availability. Affected: AMI AptioV BIOS firmware (TCG2 context). Root cause: improper input validation in BIOS as described in CVE-2023-39537. Impact: ...

7.8CVSS7.4AI score0.00206EPSS
CVE
CVE
added 2023/11/14 9:24 p.m.34 views

CVE-2023-39536

AMI AptioV BIOS contains an improper input validation vulnerability that can be exploited over a local network, potentially impacting confidentiality, integrity, and availability. Affected software: AMI AptioV BIOS. Root cause: input validation issue in BIOS handling over LAN. Exploitation status...

7.8CVSS7.4AI score0.00206EPSS
CVE
CVE
added 2025/08/12 2:2 p.m.23 views

CVE-2025-22830

The CVE-2025-22830 entry concerns AMI Aptiov BIOS whoseRace Condition occurs when a user with local access can trigger a vulnerability in the BIOS. The root cause is a local race condition that can lead to resource exhaustion, with impacts stated as Confidentiality, Integrity, and Availability be...

7.3CVSS6.9AI score0.00088EPSS
CVE
CVE
added 2025/12/12 3:3 p.m.19 views

CVE-2025-58770

CVE-2025-58770 concerns the AMI AptioV BIOS, where a local attacker can trigger improper handling of insufficient permissions to escalate privileges. The vulnerability affects the BIOS/firmware layer of AptioV implementations and may impact integrity, availability, and potentially lead to elevate...

8.8CVSS6.5AI score0.00102EPSS
CVE
CVE
added 2025/08/12 2:2 p.m.16 views

CVE-2025-22834

AMI AptioV BIOS contains a vulnerability described as an “Improper Initialization” caused by local access, potentially affecting confidentiality, integrity, and availability. Affected component is BIOS firmware (AMI AptioV); root cause is improper initialization. Exploitation details are not prov...

5.3CVSS7AI score0.00117EPSS
CVE
CVE
added 2025/09/09 2:0 p.m.14 views

CVE-2025-33045

AMI AptioV BIOS contains BIOS-level vulnerabilities enabling a privileged local attacker to perform a write-what-where operation and expose sensitive information, potentially leading to information disclosure and arbitrary data writes with impact to confidentiality, integrity, and availability. S...

8.2CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/10/14 2:0 p.m.13 views

CVE-2025-22832

CVE-2025-22832 concerns a local, BIOS-level out-of-bounds write in AMI AptioV. The vulnerability affects AptioV BIOS (firmware) and is exploitable by a local attacker, with reported impacts including data corruption and loss of availability. The CVSS context indicates a local attack vector with l...

7.8CVSS6.6AI score0.0014EPSS
CVE
CVE
added 2025/10/14 2:0 p.m.13 views

CVE-2025-22833

CVE-2025-22833 (AMI APTIOV BIOS) : A vulnerability in the BIOS of AMI APTIOV firmware allows a local attacker to trigger a buffer copy that does not validate input size, potentially enabling arbitrary code execution. Affected component: APTIOV BIOS/firmware. Impact (per sources): high confidentia...

7.3CVSS7.2AI score0.00151EPSS
CVE
CVE
added 2025/10/14 2:0 p.m.11 views

CVE-2025-22831

CVE-2025-22831 affects AMI AptioV BIOS. The vulnerability is a local, in-BIOS Out-of-bounds Write that can be triggered by an attacker with local access, causing data corruption and loss of availability. Exploitation details are not provided in the supplied documents; no patch/version remediation...

7.8CVSS6.6AI score0.0014EPSS
CVE
CVE
added 2025/10/14 2:0 p.m.8 views

CVE-2025-33044

The CVE-2025-33044 entry concerns AMI AptioV BIOS with a local, memory-bounds restriction flaw. The vulnerability allows an attacker with local access to trigger memory corruption, impacting Integrity and Availability . The root cause is described as an Improper Restriction of Operations within t...

7.8CVSS6.5AI score0.0014EPSS