PT-2021-9509 · Unknown · Scp-Firmware+1
Cfir Cohen
+2
·
Published
2021-11-16
·
Updated
2022-10-06
·
CVE-2020-12944
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ASP Firmware (affected versions not specified)
PSP Firmware (affected versions not specified)
Description
The issue is related to insufficient validation of BIOS image length, which could lead to arbitrary code execution. This affects the firmware's ability to properly verify the length of BIOS images, potentially allowing malicious code to be executed.
Recommendations
For ASP Firmware, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For PSP Firmware, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ap Firmware
Scp-Firmware