Unknown
CVE-2022-29277
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2022-29277
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses. Fixed in: INTEL Purley-R: 05.21.51.0048 Whitley: 05.42.23.0066 Cedar Island: 05.42.11.0021 Eagle Stream: 05.44.25.0052 Greenlow/Greenlow-R(skylake/kabylake): Trunk Mehlow/Mehlow-R (CoffeeLake-S): Trunk Tatlow (RKL-S): Trunk Denverton: 05.10.12.0042 Snow Ridge: Trunk Graneville DE: 05.05.15.0038 Grangeville DE NS: 05.27.26.0023 Bakerville: 05.21.51.0026 Idaville: 05.44.27.0030 Whiskey Lake: Trunk Comet Lake-S: Trunk Tiger Lake H/UP3: 05.43.12.0052 Alder Lake: 05.44.23.0047 Gemini Lake: Not Affected Apollo Lake: Not Affected Elkhart Lake: 05.44.30.0018 AMD ROME: trunk MILAN: 05.36.10.0017 GENOA: 05.52.25.0006 Snowy Owl: Trunk R1000: 05.32.50.0018 R2000: 05.44.30.0005 V2000: Trunk V3000: 05.44.30.0007 Ryzen 5000: 05.44.30.0004 Embedded ROME: Trunk Embedded MILAN: Trunk Hygon Hygon #1/#2: 05.36.26.0016 Hygon #3: 05.44.26.0007 https://www.insyde.com/security-pledge/SA-2022060
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Products
- alder lake firmware,
- bakerville firmware,
- cedar island firmware,
- comet lake-s firmware,
- denverton firmware,
- eagle stream firmware,
- genoa firmware,
- grangeville de ns firmware,
- granville de firmware,
- greenlow firmware,
- greenlow-r firmware,
- hygon 1 firmware,
- hygon 2 firmware,
- hygon 3 firmware,
- idaville firmware,
- mehlow firmware,
- mehlow-r firmware,
- milan firmware,
- purley-r firmware,
- rome firmware,
- ryzen 5300g firmware,
- ryzen 5300ge firmware,
- ryzen 5600g firmware,
- ryzen 5600ge firmware,
- ryzen 5600x firmware,
- ryzen 5700g firmware,
- ryzen 5700ge firmware,
- ryzen 5800x firmware,
- ryzen 5800x3d firmware,
- ryzen 5900x firmware,
- ryzen 5950x firmware,
- snowy owl r1000 firmware,
- snowy owl r2000 firmware,
- snowy owl v2000 firmware,
- snowy owl v3000 firmware,
- tatlow firmware,
- tiger lake h/up3 firmware,
- whiskey lake firmware,
- whitley firmware
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
