Improper Input Validation in AMI APTIOV BIOS
CVE-2024-33659

5.7MEDIUM

Key Information:

Vendor: Ami
Status: Aptiov
Vendor: CVE Published:; 11 February 2025

What is CVE-2024-33659?

AMI APTIOV BIOS has a vulnerability that permits local attackers to exploit improper input validation. Such exploitation could allow attackers to overwrite arbitrary memory locations, ultimately enabling the execution of arbitrary code at the System Management Mode (SMM) level. This could have severe implications, impacting the confidentiality, integrity, and availability of affected systems.

Affected Version(s)

AptioV BKS_5.0

References

https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443...

CVSS V4

Score:

5.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Apr 25, 2024

Ami

What is CVE-2024-33659?

Affected Version(s)

References

CVSS V4

Timeline