Описание
Stack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges.
Ссылки
- Not Applicable
- ExploitThird Party Advisory
- Not Applicable
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:acer:aspire_e5-475g_firmware:1.21:*:*:*:*:*:*:*
cpe:2.3:h:acer:aspire_e5-475g:-:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00151
Низкий
7.8 High
CVSS3
Дефекты
CWE-787
CWE-787
Связанные уязвимости
CVSS3: 7.8
github
почти 3 года назад
Stack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges.
EPSS
Процентиль: 36%
0.00151
Низкий
7.8 High
CVSS3
Дефекты
CWE-787
CWE-787