CVE-2024-33656

Published: Aug 21, 2024Modified: Jan 12, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: biossecurity@ami.com (Secondary)

Description

The DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack or global memory. This could lead to privilege escalation, arbitrary code execution, and bypassing OS security mechanisms

Affected (1)

Products: Ami: Aptio V

Ami

1 product

Aptio V

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ami Aptio V	From 5.0 to 5.36

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (1)

https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024003.pdf

Source: biossecurity@ami.com

Vendor Advisory

Timeline

No history available yet.