CVE-2024-33656

The DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack or global memory. This could lead to privilege escalation, arbitrary code execution, and bypassing OS security mechanisms

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024003.pdf

Configurations

No configuration.

History

21 Aug 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-21 17:15

Updated : 2024-08-21 17:24

NVD link : CVE-2024-33656

Mitre link : CVE-2024-33656

CVE.ORG link : CVE-2024-33656

JSON object : View

Products Affected

No product.

CWE

CWE-269

Improper Privilege Management

7.8 /10