Описание
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. This allows a privileged local user to achieve persistent control of BIOS behavior, independent of later disk changes.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:absolute:computrace_agent:70.785:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00062
Низкий
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 6.7
github
почти 4 года назад
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. This allows a privileged local user to achieve persistent control of BIOS behavior, independent of later disk changes.
EPSS
Процентиль: 19%
0.00062
Низкий
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-284