Vulnerabilities > AMI > Aptio V

DATE CVE VULNERABILITY TITLE RISK
2023-12-06 CVE-2023-39538 Unrestricted Upload of File with Dangerous Type vulnerability in AMI Aptio V
AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access.
local
low complexity
ami CWE-434
7.8
2023-12-06 CVE-2023-39539 Unrestricted Upload of File with Dangerous Type vulnerability in AMI Aptio V
AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access.
local
low complexity
ami CWE-434
7.8
2023-11-14 CVE-2023-39535 Unspecified vulnerability in AMI Aptio V
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network.
local
low complexity
ami
7.8
2023-11-14 CVE-2023-39536 Unspecified vulnerability in AMI Aptio V
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network.
local
low complexity
ami
7.8
2023-11-14 CVE-2023-39537 Unspecified vulnerability in AMI Aptio V
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network.
local
low complexity
ami
7.8
2023-09-12 CVE-2023-34469 Unspecified vulnerability in AMI Aptio V
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network.
low complexity
ami
4.6
2023-09-12 CVE-2023-34470 Unspecified vulnerability in AMI Aptio V
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network.
local
low complexity
ami
7.8
2022-09-20 CVE-2022-26873 Out-of-bounds Write vulnerability in multiple products
A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages.
local
low complexity
intel ami CWE-787
8.2
2022-09-20 CVE-2022-40250 Out-of-bounds Write vulnerability in multiple products
An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it.
local
low complexity
intel ami CWE-787
8.8
2022-09-20 CVE-2022-40261 Classic Buffer Overflow vulnerability in multiple products
An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it.
local
low complexity
intel ami CWE-120
8.2