CVE-2024-0179

Published Feb 11, 2025

Last updated 16 days ago

CVSS high 8.2

Overview

Description
SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution.
Source
psirt@amd.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.2
Impact score
6
Exploitability score
1.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

psirt@amd.com
CWE-20

Social media

Hype score
Not currently trending

  1. CVE-2024-0179 SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary c… https://t.co/4YdK8WluhF

    @CVEnew

    11 Feb 2025

    301 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References