CVE-2023-52547

Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iholpiiahpp-0ab7d6db-en	Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iholpiiahpp-0ab7d6db-en	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:huawei:curiem-wfg9b_firmware:ota-curiem-bios-2.29:*:*:*:*:*:*:*

cpe:2.3:h:huawei:curiem-wfg9b:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-05-28 07:15

Updated : 2025-01-17 18:32

NVD link : CVE-2023-52547

Mitre link : CVE-2023-52547

CVE.ORG link : CVE-2023-52547

JSON object : View

Products Affected

huawei

curiem-wfg9b_firmware
curiem-wfg9b

CWE

CWE-130

Improper Handling of Length Parameter Inconsistency

CWE-787

Out-of-bounds Write

{"id": "CVE-2023-52547", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-05-28T07:15:08.930", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iholpiiahpp-0ab7d6db-en", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iholpiiahpp-0ab7d6db-en", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-130"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM."}, {"lang": "es", "value": "Huawei Matebook D16 (Modelo: CREM-WXX9, BIOS: v2.26. Corrupci\u00f3n de la memoria en el controlador SMI del m\u00f3dulo SMM HddPassword. Un atacante malicioso del sistema operativo puede aprovechar esto para corromper las estructuras de datos almacenadas al comienzo de SMRAM y puede conducir potencialmente a Ejecuci\u00f3n de c\u00f3digo en SMM."}], "lastModified": "2025-01-17T18:32:12.300", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:curiem-wfg9b_firmware:ota-curiem-bios-2.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D0C60E9-E69E-4692-92FC-BDF8BD28346B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:curiem-wfg9b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "53861342-BCF5-49E5-A4C5-C1D1C472C8FF"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}