Improper Write Handling in Limited-write Non-Volatile Memories

CVE-2024-36432

High

7.5/10

Summary

An arbitrary memory write vulnerability was discovered in Supermicro X11DPG-HGX2, X11PDG-QT, X11PDG-OT, and X11PDG-SN motherboards with BIOS firmware before 4.4.

Attack Complexity: HIGH
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: NONE
Privileges Required: HIGH
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-1246 - Improper Write Handling in Limited-write Non-Volatile Memories

The product does not implement or incorrectly implements wear leveling operations in limited-write non-volatile memories.

References

Advisory Timeline

Published Jul 15, 2024

Improper Write Handling in Limited-write Non-Volatile Memories

CVE-2024-36432

Summary

CWE-1246 - Improper Write Handling in Limited-write Non-Volatile Memories

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS