Описание
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.
EPSS
Процентиль: 9%
0.00031
Низкий
3.9 Low
CVSS3
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 3.9
github
больше 1 года назад
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.
EPSS
Процентиль: 9%
0.00031
Низкий
3.9 Low
CVSS3
Дефекты
CWE-125