CVE-2023-52548

CWE-119 — Buffer Overflow CWE-787 — Out-of-bounds Write2 documents2 sources

Severity

7.8HIGH

EPSS

0.0%

top 88.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Curiem-wfg9b Huawei Curiem-wfg9b Firmware

Timeline

PublishedMay 28

Description

Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5huawei/curiem-wfg9bOTA-CurieM-B-BIOS-2.28

▶NVDhuawei/curiem-wfg9b_firmwareota-curiem-b-bios-2.28

🔴Vulnerability Details

CVEList

CVE-2023-52548: Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2↗2024-05-28

▶