CVE-2024-25079 - CERT CVE
ID CVE-2024-25079
Sažetak A memory corruption vulnerability in HddPassword in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM.
Reference
CVSS
Base: 7.4
Impact: 6.0
Exploitability:0.8
Pristup
VektorSloženostAutentikacija
LOCAL HIGH HIGH
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH LOW
CVSS vektor CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L
Zadnje važnije ažuriranje 29-10-2024 - 15:35
Objavljeno 15-05-2024 - 15:15