exploitDog

GHSA-3r4p-wv9v-57xw

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed in late June 2019.

In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed in late June 2019.

Ссылки

EPSS

Процентиль: 69%

0.00593

Низкий

8.8 High

CVSS3

CVE ID

Связанные уязвимости

CVE-2019-18279

CVSS3: 8.8

nvd

около 6 лет назад

In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed in late June 2019.

BDU:2023-08701

CVSS3: 8.8

fstec

больше 6 лет назад

Уязвимость утилиты загрузки обновления, резервного копирования и восстановления BIOS с флэш-устройства Phoenix WinPhlash (ранее Phoenix SecureCore Tiano WinFlash), связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 69%

0.00593

Низкий

8.8 High

CVSS3

CVE ID