Hypervisor Vulnerability in Microsoft Xbox 360 by Microsoft
CVE-2007-1220

Currently unrated

Key Information:

Vendor: Microsoft
Status: Xbox 360
Vendor: CVE Published:; 2 March 2007

What is CVE-2007-1220?

The Xbox 360's hypervisor contains a flaw where it fails to correctly verify the parameters sent to the syscall dispatcher. This vulnerability permits an attacker with physical access to the device to bypass the code-signing restrictions in place, leading to the potential execution of arbitrary code. This exploit puts user data and device integrity at risk, highlighting the importance of securing physical access to gaming consoles.

References

http://securityreason.com/securityalert/2367

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/461489/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/22745

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 2, 2007
Vulnerability Reserved
Mar 2, 2007