What the vulnerability does
01Description
Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.
CVSS base score
CVSS vector
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H
What the vulnerability does
Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.
Key dates
External resources
Related vulnerabilities