Versio.io

CVE-2022-28806

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 04-05-2022 05:15
Last modified: - 18-05-2022 03:26
Total changes: - 2

Description

An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), v2.30 (U7511/U7411/U7311), v2.33 (U9311), v2.23 (E5510), v2.19 (U7510/U7410), v2.13 (U7310), and v1.09 (E459/E449). The FjGabiFlashCoreAbstractionSmm driver registers a Software System Management Interrupt (SWSMI) handler that is not sufficiently validated to ensure that the CommBuffer (or any other communication buffer's nested contents) are not pointing to SMRAM contents. A potential attacker can therefore write fixed data to SMRAM, which could lead to data corruption inside this memory (e.g., change the SMI handler's code or modify SMRAM map structures to break input pointer validation for other SMI handlers). Thus, the attacker could elevate privileges from ring 0 to ring -2 and execute arbitrary code in SMM.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Local
Attack vector
High
Availability
High
Confidentiality
High
Integrity
Low
Privileges required
Unchanged
Scope
None
User interaction
7.8
Base score
1.8
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=fujitsu AND product=lifebook_a3510_firmware AND versionEndExcluding=1.09
OR
vendor=fujitsu AND product=lifebook_a3510 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_u9310_firmware AND versionEndExcluding=2.17
OR
vendor=fujitsu AND product=lifebook_u9310 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_u7511_firmware AND versionEndExcluding=2.30
OR
vendor=fujitsu AND product=lifebook_u7511 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_u7411_firmware AND versionEndExcluding=2.30
OR
vendor=fujitsu AND product=lifebook_u7411 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_u7311_firmware AND versionEndExcluding=2.30
OR
vendor=fujitsu AND product=lifebook_u7311 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_u9311_firmware AND versionEndIncluding=2.33
OR
vendor=fujitsu AND product=lifebook_u9311 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_e5510_firmware AND versionEndExcluding=2.23
OR
vendor=fujitsu AND product=lifebook_e5510 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_u7510_firmware AND versionEndExcluding=2.19
OR
vendor=fujitsu AND product=lifebook_u7510 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_u7410_firmware AND versionEndExcluding=2.19
OR
vendor=fujitsu AND product=lifebook_u7410 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_u7310_firmware AND versionEndExcluding=2.13
OR
vendor=fujitsu AND product=lifebook_u7310 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_e459_firmware AND versionEndExcluding=1.09
OR
vendor=fujitsu AND product=lifebook_e459 AND version=-
AND
OR
vendor=fujitsu AND product=lifebook_e449_firmware AND versionEndExcluding=1.09
OR
vendor=fujitsu AND product=lifebook_e449 AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2022-28806

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.