← back
CVE-2015-0949

CVE-2015-0949

EPSS 0.4%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.4%KEV nãoPoC Patch
Lifecycle
30 Jan 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory.
Affected products
Dell · Latitude E6430HP · EliteBook 850 G1

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.kb.cert.org/vuls/id/631788