github - ghsa-fqcw-m4jp-3m5h

GHSA-FQCW-M4JP-3M5H

Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2022-05-24 17:07

Details

The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-0949"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-01-30T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory.",
  "id": "GHSA-fqcw-m4jp-3m5h",
  "modified": "2022-05-24T17:07:44Z",
  "published": "2022-05-24T17:07:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0949"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/631788"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2015-0949 (GCVE-0-2015-0949)

Vulnerability from cvelistv5 – Published: 2020-01-30 20:45 – Updated: 2024-08-06 04:26

Summary

Severity ?

No CVSS data available.

CWE

Other

Assigner

certcc

References

URL

Tags

http://www.kb.cert.org/vuls/id/631788

x_refsource_MISC

Impacted products

Vendor

Product

Version

Dell

Latitude E6430

Affected: BIOS Revision A09

EliteBook 850 G1

Affected: BIOS revision L71 Ver. 01.09

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:26:11.454Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/631788"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Latitude E6430",
          "vendor": "Dell",
          "versions": [
            {
              "status": "affected",
              "version": "BIOS Revision A09"
            }
          ]
        },
        {
          "product": "EliteBook 850 G1",
          "vendor": "HP",
          "versions": [
            {
              "status": "affected",
              "version": "BIOS revision L71 Ver. 01.09"
            }
          ]
        }
      ],
      "datePublic": "2015-03-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-30T20:45:19",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.kb.cert.org/vuls/id/631788"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2015-0949",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Latitude E6430",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "BIOS Revision A09"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Dell"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "EliteBook 850 G1",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "BIOS revision L71 Ver. 01.09"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "HP"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.kb.cert.org/vuls/id/631788",
              "refsource": "MISC",
              "url": "http://www.kb.cert.org/vuls/id/631788"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2015-0949",
    "datePublished": "2020-01-30T20:45:19",
    "dateReserved": "2015-01-10T00:00:00",
    "dateUpdated": "2024-08-06T04:26:11.454Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-FQCW-M4JP-3M5H

CVE-2015-0949 (GCVE-0-2015-0949)

Tags

Sightings

Nomenclature