216.73.217.172

CVE-2023-20578

· Published 13/08/2024 17:15 · Modified 13/08/2024 17:15

Labels: CVE-2023-20578 2024-08-13CVE-2023-20578[email protected]

Essential information

Published
13/08/2024 17:15
Modified
13/08/2024 17:15
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVSS metrics

Description

A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References