6.9

CVE-2008-7096

EPSS 0.06%
Published 27.08.2009 20:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing certain remapping registers in Xen 3.3.

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Intel ≫ Bios Versiondg33bu

Intel ≫ Bios Versiondg33fb

Intel ≫ Bios Versiondg33tl

Intel ≫ Bios Versiondp35dp

Intel ≫ Bios Versiondq35jo

Intel ≫ Bios Versiondq35mp

Intel ≫ Bios Versiondx38bt

Intel ≫ Bios Versionmgm965tw

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.158

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://invisiblethingslab.com/bh08/part2-full.pdf

http://osvdb.org/49901

http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00017&languageid=en-fr

Patch

Vendor Advisory

http://theinvisiblethings.blogspot.com/2008/08/attacking-xen-domu-vs-dom0.html

http://theinvisiblethings.blogspot.com/2008/08/intel-patches-q35-bug.html

http://www.securityfocus.com/bid/30823

https://exchange.xforce.ibmcloud.com/vulnerabilities/44676

https://nvd.nist.gov/vuln/detail/CVE-2008-7096

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-7096

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-7096

EUVD