CVE-2024-21947
HIGHDescription
Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.
Is your site exposed to CVE-2024-21947?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2024-21947? +
How severe is CVE-2024-21947? +
How do I check if I'm vulnerable to CVE-2024-21947? +
Related Vulnerabilities
Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application …
A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain …
Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially …
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS …
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through …
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could …