Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version <= P13 (latest) and AP130 F2 firmware version <= P04 (latest) and Aspire 1600X firmware version <= P11.A3L (latest) and Aspire 1602M firmware version <= P11.A3L (latest) and Aspire 7600U firmware version <= P11.A4 (latest) and Aspire MC605 firmware version <= P11.A4L (latest) and Aspire TC-105 firmware version <= P12.B0L (latest) and Aspire TC-120 firmware version <= P11-A4 (latest) and Aspire U5-620 firmware version <= P11.A1 (latest) and Aspire X1935 firmware version <= P11.A3L (latest) and Aspire X3475 firmware version <= P11.A3L (latest) and Aspire X3995 firmware version <= P11.A3L (latest) and Aspire XC100 firmware version <= P11.B3 (latest) and Aspire XC600 firmware version <= P11.A4 (latest) and Aspire Z3-615 firmware version <= P11.A2L (latest) and Veriton E430G firmware version <= P21.A1 (latest) and Veriton B630_49 firmware version <= AAP02SR (latest) and Veriton E430 firmware version <= P11.A4 (latest) and Veriton M2110G firmware version <= P21.A3 (latest) and Veriton M2120G fir.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Acer产品缓冲区错误漏洞
Vulnerability Description
Acer Aspire Series是中国宏碁(Acer)公司的一系列服务器。 Acer产品存在安全漏洞,该漏洞源于其存在一个栈缓冲区溢出漏洞,这可能导致在某些宏碁产品上的UEFI DXE驱动程序中执行任意代码。攻击者可以将权限从ring 3 提升为ring 0,并在UEFI DXE执行期间劫持控制流。以下版本受到影响:T110 F3固件P13及以前版本、AP130 F2固件P04及以前版本、Aspire 1600X固件P11.A3L及以前版本、Aspire 1602M固件P11.A3L及以前版本、Asp
CVSS Information
N/A
Vulnerability Type
N/A