Описание
The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3).
Ссылки
- ExploitVendor Advisory
- ExploitThird Party Advisory
- ExploitVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 304 (исключая)
Одновременно
cpe:2.3:o:asus:ux360ca_bios:*:*:*:*:*:*:*:*
cpe:2.3:h:asus:ux360ca:-:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05598
Низкий
8.2 High
CVSS3
7.2 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3).
EPSS
Процентиль: 90%
0.05598
Низкий
8.2 High
CVSS3
7.2 High
CVSS2
Дефекты
NVD-CWE-noinfo