admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 05:28:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-525xx/CVE-2023-52547.json
cad-safe-bot d898b7c05c Auto-Update: 2025-01-17T19:00:28.406135+00:00
2025-01-17 19:03:55 +00:00

129 lines
3.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-52547",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-05-28T07:15:08.930",
"lastModified": "2025-01-17T18:32:12.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM."
},
{
"lang": "es",
"value": "Huawei Matebook D16 (Modelo: CREM-WXX9, BIOS: v2.26. Corrupci\u00f3n de la memoria en el controlador SMI del m\u00f3dulo SMM HddPassword. Un atacante malicioso del sistema operativo puede aprovechar esto para corromper las estructuras de datos almacenadas al comienzo de SMRAM y puede conducir potencialmente a Ejecuci\u00f3n de c\u00f3digo en SMM."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@huawei.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@huawei.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-130"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:curiem-wfg9b_firmware:ota-curiem-bios-2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0C60E9-E69E-4692-92FC-BDF8BD28346B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:huawei:curiem-wfg9b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53861342-BCF5-49E5-A4C5-C1D1C472C8FF"
}
]
}
]
}
],
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iholpiiahpp-0ab7d6db-en",
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iholpiiahpp-0ab7d6db-en",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink