Bypassing Software Update Validation in System Management Module (SMM) Versions Prior to 1.06

Bypassing Software Update Validation in System Management Module (SMM) Versions Prior to 1.06

CVE-2018-9084 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

In System Management Module (SMM) versions prior to 1.06, if an attacker manages to log in to the device OS, the validation of software updates can be circumvented.

Learn more about our Web Application Penetration Testing UK.