CVE-2022-40261Classic Buffer Overflow in Aptio

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
8.2HIGHNVD
EPSS
0.1%
top 67.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
AMI AptioAMI Aptio V
Timeline
PublishedSep 20
Latest updateSep 21

Description

An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such a malicious firmware code in BIOS could persist across operating system re-insta

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages2 packages

CVEListV5ami/aptio5.x
NVDami/aptio_v5.0

🔴Vulnerability Details

2
GHSA
GHSA-gh9f-j6gv-mq7g: An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environ2022-09-21
CVEList
SMM memory corruption vulnerability in OverClockSmiHandler SMM driver2022-09-20
CVE-2022-40261 — Classic Buffer Overflow in AMI Aptio | cvebase