CVE-2023-52712

Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory, thus potentially leading code execution in SMM
Configurations

No configuration.

History

21 Nov 2024, 08:40

Type Values Removed Values Added
References () https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iiacviahpp-71ce77ee-en - () https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iiacviahpp-71ce77ee-en -

28 May 2024, 12:39

Type Values Removed Values Added
Summary
  • (es) Varios problemas debido a la exposición del controlador SMI en AmdPspP2CmboxV2. El primer problema se puede aprovechar para evitar las protecciones implementadas en fases anteriores de UEFI para evitar el acceso directo a la memoria flash SPI. El segundo problema se puede utilizar para filtrar y corromper la memoria de SMM, lo que podría provocar la ejecución de código en SMM.

28 May 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-28 07:15

Updated : 2024-11-21 08:40


NVD link : CVE-2023-52712

Mitre link : CVE-2023-52712

CVE.ORG link : CVE-2023-52712


JSON object : View

Products Affected

No product.

CWE
CWE-284

Improper Access Control