VDB
CVE-2023-28402
CVE-2023-28402
PUBLISHED
Es bestehen mehrere Schwachstellen in Intel BIOS Guard und PPAM Firmware. Diese Fehler bestehen aufgrund einer unsachgemäßen Eingabevalidierung und einer unsachgemäßen Zustandsüberprüfung. Ein lokaler, privilegierter Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern.
EPSS 0.06% · 19.5th percentile
Risk Scores
EPSS Score
0.06%
19.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Intel Firmware PPAM Firmware | |
| Dell | Dell Computer | |
| HP | HP BIOS | |
| Intel | Intel Firmware BIOS Guard | |
| Lenovo | Lenovo Computer | |
| HP | HP Computer |
Timeline
- May 14, 2024 CVE Published
- May 15, 2024 CVE Updated
- May 17, 2024 EPSS Score
- Jun 10, 2024 EPSS Score
- Jul 4, 2024 EPSS Score
- Jul 28, 2024 EPSS Score
- Aug 21, 2024 EPSS Score
- Sep 13, 2024 EPSS Score
- Oct 7, 2024 EPSS Score
- Oct 31, 2024 EPSS Score
- Nov 24, 2024 EPSS Score
- Dec 19, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1127.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1127 advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00814.html advisory
- https://www.dell.com/support/kbdoc/de-de/000225023/dsa-2024-199-security-update-for-dell-poweredge-t30-t40-mini-tower-server-for-intel-bios-guard-and-ppam-firmware-vulnerabilities advisory
- https://www.dell.com/support/kbdoc/de-de/000219969/dsa-2023-449 advisory
- https://support.lenovo.com/us/en/product_security/LEN-158632 advisory
- https://support.hp.com/us-en/document/ish_10564285-10564378-16/HPSBHF03936 advisory