CVE-2018-12182

Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege,…

intel·CWE-441·Published 2019-03-27

CVSS

—

EPSS

0.00

KEV

Exploits

Vendor statements (1)

lists.fedoraproject.org

cve.orgen

202 chars

Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

NVDes

227 chars

Comprobación de escritura en memoria insuficiente en el servicio SMM para EDK II podría permitir que un usuario autenticado escale privilegios, divulgue información y/o provoque una denegación de servicio mediante acceso local.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	6.7	0.8	5.9	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H