Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
ieisystem

uefi_firmware

3 Versions 4 CVEs

Versions

8.4

MAJOR_MINOR 3 CVEs

1.0

MAJOR_MINOR 1 CVE

0

SINGLE_NUMBER 1 CVE

Recent CVEs

CVE-2023-22351

Out-of-bounds write in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

MEDIUM Sep 16, 2024

CVE-2023-23904

NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

MEDIUM Sep 16, 2024

CVE-2023-41833

A race condition in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.

HIGH Sep 16, 2024

CVE-2023-52080

IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT->GetVariable() function. Attackers with access to local NVRAM variables can exploit this by modifying these variables on SPI Flash, resulting in memory data being tampered with. When critical data in memory data is tampered with,a crash may occur.

HIGH Apr 29, 2024