Huawei Matebook D16 BIOS v2.26 SMI Handler Memory Corruption (CVE-2023-52548)
CVE-2023-52548 Published on May 28, 2024
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM
Vulnerability Analysis
CVE-2023-52548 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a Buffer Overflow Vulnerability?
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CVE-2023-52548 has been classified to as a Buffer Overflow vulnerability or weakness.
Products Associated with CVE-2023-52548
Want to know whenever a new CVE is published for Huawei Curiem Wfg9b Firmware? stack.watch will email you.
Affected Versions
Huawei CurieM-WFG9B:- Version OTA-CurieM-B-BIOS-2.28 is affected.
- Version 2.28 and below 2.32 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.