How severe is CVE-2022-34325?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2022-34325?

This is classified as CWE-367, which is a common weakness in software security.

CVE-2022-34325 - HIGH Severity | CVSS 7.8

Vulnerability Description

DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the StorageSecurityCommandDxe driver could cause SMRAM corruption. This issue was discovered by Insyde engineering based on the general description provided by

Related Vulnerabilities

CVE-2017-0331

HIGH

CVSS:7.8(High)

An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critica...

CWE-3672017

CVE-2017-0411

HIGH

CVSS:7.8(High)

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Hi...

CWE-3672017

CVE-2017-0412

HIGH

CVSS:7.8(High)

CWE-3672017

CVE-2017-0756

HIGH

CVSS:7.8(High)

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073.

CWE-3672017

CVE-2017-15404

HIGH

CVSS:7.8(High)

An ability to process crash dumps under root privileges and inappropriate symlinks handling could lead to a local privilege escalation in Crash Reporting in Google Chrome on Chrome OS prior to 61.0.31...

CWE-3672017

CVE-2018-8584

HIGH

CVSS:7.8(High)

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Wind...

CWE-3672018