CVE-2024-2315

Nov. 21, 2024, 5:15 p.m.

None
No Score

Description

APTIOV contains a vulnerability in BIOS where may cause Improper Access Control by a local attacker. Successful exploitation of this vulnerability may lead to unexpected SPI flash modifications and BIOS boot kit launches, also impacting the availability.

Product(s) Impacted

Product Versions
APTIOV BIOS

Weaknesses

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References

https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024004.pdf

Tags

CWE-284
biossecurity@ami.com
2024-11-12
CVE-2024-2315

Date

  • Published: Nov. 12, 2024, 3:15 p.m.
  • Last Modified: Nov. 21, 2024, 5:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

biossecurity@ami.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.