AMI APTIOV contains a vulnerability in BIOS where an... · CVE-2024-33659 · GitHub Advisory Database · GitHub

AMI APTIOV contains a vulnerability in BIOS where an...

Moderate severity Unreviewed Published Feb 11, 2025 to the GitHub Advisory Database

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation by a local attacker. Successful exploitation of these vulnerabilities may lead to overwriting arbitrary memory and execute arbitrary code at SMM level, also impacting Confidentiality, Integrity, and Availability.

References

Published by the National Vulnerability Database

Feb 11, 2025

Published to the GitHub Advisory Database Feb 11, 2025

Severity

Moderate

/ 10

CVSS v4 base metrics

Exploitability Metrics

Attack Vector Local

Attack Complexity High

Attack Requirements None

Privileges Required High

User interaction None

Vulnerable System Impact Metrics

Confidentiality Low

Integrity High

Availability High

Subsequent System Impact Metrics

Confidentiality Low

Integrity Low

Availability Low

CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X