7.8

CVE-2022-28806

Exploit

EPSS 0.11%
Veröffentlicht 04.05.2022 15:15:13
Zuletzt bearbeitet 21.11.2024 06:57:57
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), v2.30 (U7511/U7411/U7311), v2.33 (U9311), v2.23 (E5510), v2.19 (U7510/U7410), v2.13 (U7310), and v1.09 (E459/E449). The FjGabiFlashCoreAbstractionSmm driver registers a Software System Management Interrupt (SWSMI) handler that is not sufficiently validated to ensure that the CommBuffer (or any other communication buffer's nested contents) are not pointing to SMRAM contents. A potential attacker can therefore write fixed data to SMRAM, which could lead to data corruption inside this memory (e.g., change the SMI handler's code or modify SMRAM map structures to break input pointer validation for other SMI handlers). Thus, the attacker could elevate privileges from ring 0 to ring -2 and execute arbitrary code in SMM.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Fujitsu ≫ Lifebook A3510 Firmware Version < 1.09

Fujitsu ≫ Lifebook A3510 Version-

Fujitsu ≫ Lifebook U9310 Firmware Version < 2.17

Fujitsu ≫ Lifebook U9310 Version-

Fujitsu ≫ Lifebook U7511 Firmware Version < 2.30

Fujitsu ≫ Lifebook U7511 Version-

Fujitsu ≫ Lifebook U7411 Firmware Version < 2.30

Fujitsu ≫ Lifebook U7411 Version-

Fujitsu ≫ Lifebook U7311 Firmware Version < 2.30

Fujitsu ≫ Lifebook U7311 Version-

Fujitsu ≫ Lifebook U9311 Firmware Version <= 2.33

Fujitsu ≫ Lifebook U9311 Version-

Fujitsu ≫ Lifebook E5510 Firmware Version < 2.23

Fujitsu ≫ Lifebook E5510 Version-

Fujitsu ≫ Lifebook U7510 Firmware Version < 2.19

Fujitsu ≫ Lifebook U7510 Version-

Fujitsu ≫ Lifebook U7410 Firmware Version < 2.19

Fujitsu ≫ Lifebook U7410 Version-

Fujitsu ≫ Lifebook U7310 Firmware Version < 2.13

Fujitsu ≫ Lifebook U7310 Version-

Fujitsu ≫ Lifebook E459 Firmware Version < 1.09

Fujitsu ≫ Lifebook E459 Version-

Fujitsu ≫ Lifebook E449 Firmware Version < 1.09

Fujitsu ≫ Lifebook E449 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.302

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://www.fmworld.net/biz/common/insyde/20220210/

Vendor Advisory

https://kb.cert.org/vuls/id/796611

Third Party Advisory

US Government Resource

https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FCCL-IS-2021-090903-Security-Advisory.asp

Vendor Advisory

https://www.binarly.io/advisories

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2022-28806

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-28806

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-28806

EUVD