exploitDog

GHSA-hq2f-86fm-7823

Опубликовано: 03 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation.

An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation.

Ссылки

EPSS

Процентиль: 27%

0.00098

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-787

Связанные уязвимости

CVE-2023-39283

CVSS3: 7.8

nvd

больше 2 лет назад

An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation.

EPSS

Процентиль: 27%

0.00098

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-787