Loading HuntDB...

GHSA-8c2m-2hmv-32px

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE

Advisory Details

A TOCTOU in ASP bootloader may allow an attacker
to tamper with the SPI ROM following data read to memory potentially resulting
in S3 data corruption and information disclosure.

Related CVEs

Key Information

GHSA ID
GHSA-8c2m-2hmv-32px
Published
May 9, 2023 9:30 PM
Last Modified
April 4, 2024 3:57 AM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 3, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.