Vulnerability Details CVE-2023-52548
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.0%
CVSS Severity
CVSS v3 Score 7.8
References
- https://www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-hppvtiroowtboamb-bb3261bd-cn
- https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-hppvtiroowtboamb-bb3261bd-en
- https://www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-hppvtiroowtboamb-bb3261bd-cn
- https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-hppvtiroowtboamb-bb3261bd-en
Products affected by CVE-2023-52548
-
cpe:2.3:h:huawei:curiem-wfg9b:-
-
cpe:2.3:o:huawei:curiem-wfg9b_firmware:ota-curiem-b-bios-2.28