Show filters
164 Total Results
Displaying 11-20 of 164
Sort by:
Attacker Value
Unknown
CVE-2023-52712
Disclosure Date: May 28, 2024 (last updated January 18, 2025)
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory, thus potentially leading code execution in SMM
0
Attacker Value
Unknown
CVE-2023-52711
Disclosure Date: May 28, 2024 (last updated January 18, 2025)
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory thus potentially leading code execution in SMM
0
Attacker Value
Unknown
CVE-2023-52710
Disclosure Date: May 28, 2024 (last updated January 18, 2025)
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26), As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
0
Attacker Value
Unknown
CVE-2023-52548
Disclosure Date: May 28, 2024 (last updated January 18, 2025)
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM
0
Attacker Value
Unknown
CVE-2023-52547
Disclosure Date: May 28, 2024 (last updated January 18, 2025)
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
0
Attacker Value
Unknown
CVE-2023-28402
Disclosure Date: May 16, 2024 (last updated May 17, 2024)
Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.
0
Attacker Value
Unknown
CVE-2023-28383
Disclosure Date: May 16, 2024 (last updated May 17, 2024)
Improper conditions check in some Intel(R) BIOS PPAM firmware may allow a privileged user to potentially enable escalation of privilege via local access.
0
Attacker Value
Unknown
CVE-2023-27504
Disclosure Date: May 16, 2024 (last updated May 17, 2024)
Improper conditions check in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.
0
Attacker Value
Unknown
CVE-2023-5912
Disclosure Date: April 05, 2024 (last updated January 05, 2025)
A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may allow a local attacker with elevated privileges to write to NVRAM variables.
0
Attacker Value
Unknown
CVE-2023-25494
Disclosure Date: April 05, 2024 (last updated April 10, 2024)
A potential vulnerability were reported in the BIOS of some Desktop, Smart Edge, and ThinkStation products that could allow a local attacker with elevated privileges to write to NVRAM variables.
0