AMI Aptio V BIOS Improper Input Validation Vulnerability Allowing Arbitrary Code Execution at SMM Level

Vulnerability

A vulnerability has been identified in AMI Aptio V BIOS, where improper input validation allows a local attacker to overwrite arbitrary memory and execute arbitrary code at the System Management Mode (SMM) level. This vulnerability, associated with the BiosGuard module, impacts confidentiality, integrity, and availability.

Impact

Exploitation of this vulnerability could allow a local attacker to overwrite arbitrary memory and execute arbitrary code at the SMM level, potentially leading to unauthorized access or modification of system resources.

Remediation

Users are advised to update to version BKC_5.38.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 7.5
exploitability: 2.2
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.