vulnerability

F5 Networks: K04362926 (CVE-2015-0949): BIOS SMM privilege escalation vulnerability CVE-2015-0949

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Apr 20, 2016	Feb 16, 2017	Mar 2, 2020

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Apr 20, 2016

Added

Feb 16, 2017

Modified

Mar 2, 2020

Description

The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory.

Solution

f5-big-ip-upgrade-latest

References

URL-https://support.f5.com/csp/article/K04362926
NVD-CVE-2015-0949

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today