exploitDog

CVE-2024-2315

Опубликовано: 12 нояб. 2024

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

APTIOV contains a vulnerability in BIOS where may cause Improper Access Control by a local attacker. Successful exploitation of this vulnerability may lead to unexpected SPI flash modifications and BIOS boot kit launches, also impacting the availability.

Ссылки

https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024004.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:ami:aptio_v:*:*:*:*:*:*:*:*

Версия от 5.0 (включая) до 5.037 (исключая)

EPSS

Процентиль: 23%

0.00078

Низкий

7.1 High

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-xf4p-4gf4-v92p

CVSS3: 6.3

github

около 1 года назад

APTIOV contains a vulnerability in BIOS where may cause Improper Access Control by a local attacker. Successful exploitation of this vulnerability may lead to unexpected SPI flash modifications and BIOS boot kit launches, also impacting the availability.

EPSS

Процентиль: 23%

0.00078

Низкий

7.1 High

CVSS3

Дефекты

CWE-284