CVE-2024-21980

HIGH Year: 2024
CVSS v3 Score
7.9
High
Weakness Type
CWE-119
View all →

Vulnerability Description

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.

Related Vulnerabilities

CVE-2023-48267

HIGH
CVSS:7.9(High)

Improper buffer restrictions in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CWE-1192023

CVE-2016-8377

HIGH
CVSS:8.0(High)

An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, ...

CWE-1192016

CVE-2017-2714

HIGH
CVSS:8.0(High)

The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitra...

CWE-1192017

CVE-2017-7050

HIGH
CVSS:8.0(High)

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context...

CWE-1192017

CVE-2017-7051

HIGH
CVSS:8.0(High)

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context...

CWE-1192017

CVE-2017-7054

HIGH
CVSS:8.0(High)

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context...

CWE-1192017