CVE-2021-26387

LOW Year: 2021
CVSS v3 Score
3.9
Low
Weakness Type
CWE-863
View all →

Vulnerability Description

Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.

Related Vulnerabilities

CVE-2024-27086

LOW
CVSS:3.9(Low)

The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android (e.g., MAUI) using the library from versions 4.48.0 to ...

CWE-8632024

CVE-2017-12112

MEDIUM
CVSS:4.0(Medium)

An exploitable improper authorization vulnerability exists in admin_addPeer API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the ...

CWE-8632017

CVE-2017-12113

MEDIUM
CVSS:4.0(Medium)

An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the...

CWE-8632017

CVE-2017-12114

MEDIUM
CVSS:4.0(Medium)

An exploitable improper authorization vulnerability exists in admin_peers API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the re...

CWE-8632017

CVE-2017-12117

MEDIUM
CVSS:4.0(Medium)

An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the re...

CWE-8632017

CVE-2017-12118

MEDIUM
CVSS:4.0(Medium)

An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). An attacker can send JSON to trigger this vul...

CWE-8632017