Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26), As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对因果或异常条件的不恰当检查
Vulnerability Title
Huawei PC Manager 安全漏洞
Vulnerability Description
Huawei PC Manager是中国华为(Huawei)公司的一款计算机管理应用程序。 Huawei PC Manager存在安全漏洞,该漏洞源于通信缓冲区大小未正确验证为预期大小,可能与起始 SMRAM 部分重叠,攻击者利用该漏洞可以破坏存储在 SMRAM 开头的数据结构,并可能导致在 SMM 中执行代码。
CVSS Information
N/A
Vulnerability Type
N/A