exploitDog

GHSA-hwjr-m4gg-39hg

Опубликовано: 30 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7

Описание

A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.

A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.

Ссылки

EPSS

Процентиль: 36%

0.00154

Низкий

7 High

CVSS3

CVE ID

Дефекты

CWE-367

Связанные уязвимости

CVE-2023-26299

CVSS3: 7

nvd

больше 2 лет назад

A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.

EPSS

Процентиль: 36%

0.00154

Низкий

7 High

CVSS3

CVE ID

Дефекты

CWE-367