Version ChagallWSPI-sWRX8 1.0.0.6
OTHER
2 CVEs
Known Vulnerabilities
CVE-2023-20518
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
LOW
CVSS 1.9
Published Aug 13, 2024
CVE-2021-46772
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.
LOW
CVSS 3.9
Published Aug 13, 2024