SMM Access Control Vulnerability: Potential Arbitrary Code Execution via SPI ROM Write
CVE-2022-23821 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
Learn more about our Web Application Penetration Testing UK.