Vulnerability Details CVE-2023-52710
Huawei Matebook D16 (Model: CREM-WXX9, BIOS: v2.26): because the communication buffer size is not properly validated to be of the expected size, the buffer can partially overlap with the beginning of SMRAM. A malicious OS attacker can leverage this to corrupt data structures stored at the beginning of SMRAM, which can potentially lead to code execution in SMM.
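The bug class described above, shown as an added example that is not taken from the affected firmware: a check that validates only the buffer's start address beside one that validates the whole range and the expected size. The SMRAM window, function names and sizes are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed SMRAM window; on real hardware it comes from the platform. */
#define SMRAM_BASE 0x7F000000ULL
#define SMRAM_SIZE 0x00800000ULL

/* Weak pattern (hypothetical): only the start address is checked, so a
 * buffer that begins just below SMRAM may extend into its first bytes. */
bool comm_buffer_ok_weak(uint64_t buf, uint64_t size)
{
    (void)size; /* size is trusted, which is the defect */
    return buf < SMRAM_BASE || buf >= SMRAM_BASE + SMRAM_SIZE;
}

/* Hardened check: the size must match what the handler expects, the
 * range must not wrap, and [buf, buf + size) must lie fully outside SMRAM. */
bool comm_buffer_ok(uint64_t buf, uint64_t size, uint64_t expected_size)
{
    if (size == 0 || size != expected_size)
        return false;
    if (size > UINT64_MAX - buf) /* buf + size would overflow */
        return false;

    uint64_t end = buf + size;
    uint64_t smram_end = SMRAM_BASE + SMRAM_SIZE;
    return end <= SMRAM_BASE || buf >= smram_end;
}

int main(void)
{
    /* Constructed input: starts 0x10 bytes below SMRAM, 0x40 bytes long. */
    uint64_t buf = SMRAM_BASE - 0x10, size = 0x40;

    printf("weak check accepts:     %d\n", comm_buffer_ok_weak(buf, size));
    printf("hardened check accepts: %d\n", comm_buffer_ok(buf, size, 0x40));
    return 0;
}
```

In EDK II based firmware, range validation of this kind is normally delegated to `SmmIsBufferOutsideSmmValid()`, with the handler separately comparing the supplied size against the structure it expects.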
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.4%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2023-52710
- cpe:2.3:h:huawei:curiem-wfg9b:-
- cpe:2.3:o:huawei:curiem-wfg9b_firmware:ota-curiem-bios-2.29