Vulnerabilities > AMI > Aptio V > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-06 | CVE-2023-39538 | Unrestricted Upload of File with Dangerous Type vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. | 7.8 |
2023-12-06 | CVE-2023-39539 | Unrestricted Upload of File with Dangerous Type vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. | 7.8 |
2023-11-14 | CVE-2023-39535 | Unspecified vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. | 7.8 |
2023-11-14 | CVE-2023-39536 | Unspecified vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. | 7.8 |
2023-11-14 | CVE-2023-39537 | Unspecified vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. | 7.8 |
2023-09-12 | CVE-2023-34470 | Unspecified vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. | 7.8 |
2022-09-20 | CVE-2022-26873 | Out-of-bounds Write vulnerability in multiple products A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. | 8.2 |
2022-09-20 | CVE-2022-40250 | Out-of-bounds Write vulnerability in multiple products An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. | 8.8 |
2022-09-20 | CVE-2022-40261 | Classic Buffer Overflow vulnerability in multiple products An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. | 8.2 |
2022-09-20 | CVE-2022-40262 | Out-of-bounds Write vulnerability in multiple products A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. | 8.2 |