6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
26.7%
Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing certain remapping registers in Xen 3.3.
invisiblethingslab.com/bh08/part2-full.pdf
osvdb.org/49901
security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00017&languageid=en-fr
theinvisiblethings.blogspot.com/2008/08/attacking-xen-domu-vs-dom0.html
theinvisiblethings.blogspot.com/2008/08/intel-patches-q35-bug.html
www.securityfocus.com/bid/30823
exchange.xforce.ibmcloud.com/vulnerabilities/44676