Description
AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation by a local attacker. Successful exploitation of these vulnerabilities may lead to overwriting arbitrary memory and execute arbitrary code at SMM level, also impacting Confidentiality, Integrity, and Availability.
CVSS breakdown
CVSS 4.0
Attack Vector
Local
Attack Complexity
High
Attack Requirements
None
Privileges Required
High
User Interaction
None
Confidentiality (Vulnerable System)
Low
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
Low
Integrity (Subsequent System)
Low
Availability (Subsequent System)
Low
Affected products
- AMI / AptioVBKS_5.0 – BKS_5.38