Approved changes feed: RSS · Atom
cpe:2.3:a:ami:aptiov:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Ami (0db97362-1418-5fb2-aa0a-1f52d459917d) |
|---|---|
| Product | Aptiov (0da659c7-4e7d-5257-8cd3-3daa96a3429a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-58770 |
vulnerable | 2026-06-08 07:35:19.518248 |
TCG2 TPM RT Not Locked Issue
APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability.
Published: 2025-12-12T15:03:16.408Z
Updated: 2025-12-12T18:53:12.605Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-33045 |
vulnerable | 2026-06-08 07:19:01.447157 |
Legacy Serial Redirection SMRAM Vulnerabilities
HIGH (8.2)
APTIOV contains vulnerabilities in the BIOS where a privileged user may cause “Write-what-where Condition” and “Exposure of Sensitive Information to an Unauthorized Actor” through local access. The successful exploitation of these vulnerabilities can lead to information disclosure, arbitrary data writing, and impact Confidentiality, Integrity, and Availability.
Published: 2025-09-09T14:00:31.402Z
Updated: 2025-09-09T14:15:08.538Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-33044 |
vulnerable | 2026-06-08 07:19:01.446650 |
exFat Memory Corruption Issue
APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local means. Successful exploitation of this vulnerability may lead to memory corruption and impact Integrity and Availability.
Published: 2025-10-14T14:00:58.404Z
Updated: 2025-10-14T18:52:35.278Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-33043 |
vulnerable | 2026-06-08 07:19:01.445486 |
SMM buffer Integrity
MEDIUM (5.8)
APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation locally. Successful exploitation of this vulnerability can potentially impact of integrity.
Published: 2025-05-29T14:00:09.944Z
Updated: 2025-11-03T19:53:58.639Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-22834 |
vulnerable | 2026-06-08 07:10:54.849406 |
ThirdPartyVideo SetVariable Vulnerability
MEDIUM (4.2)
AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.
Published: 2025-08-12T14:02:14.354Z
Updated: 2025-08-12T14:37:37.856Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-22833 |
vulnerable | 2026-06-08 07:10:54.848936 |
FixupArray Pointer Validation in NTFS
APTIOV contains a vulnerability in BIOS where an attacker may cause a Buffer Copy without Checking Size of Input by local accessing. Successful exploitation of this vulnerability may lead to arbitrary code execution.
Published: 2025-10-14T14:00:50.483Z
Updated: 2025-10-14T18:51:56.528Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-22832 |
vulnerable | 2026-06-08 07:10:54.848505 |
Buffer Overflow in NTFS when parsing the ATTRIBUTE_LIST
APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability.
Published: 2025-10-14T14:00:42.309Z
Updated: 2025-10-14T18:51:36.347Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-22831 |
vulnerable | 2026-06-08 07:10:54.848201 |
Buffer Overflow in NTFS when parsing the VOLUME_NAME
APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability.
Published: 2025-10-14T14:00:34.748Z
Updated: 2025-10-14T18:51:10.280Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-22830 |
vulnerable | 2026-06-08 07:10:54.847109 |
SmiFlash Race Condition Vulnerability
APTIOV contains a vulnerability in BIOS where a skilled user may cause “Race Condition” by local access. A successful exploitation of this vulnerability may lead to resource exhaustion and impact Confidentiality, Integrity, and Availability.
Published: 2025-08-12T14:02:50.803Z
Updated: 2025-08-12T14:40:09.250Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-54084 |
vulnerable | 2026-06-08 06:54:15.963023 |
SMM Arbitrary Write via TOCTOU Vulnerability
HIGH (7.5)
APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use (TOCTOU) Race Condition by local means. Successful exploitation of this vulnerability may lead to arbitrary code execution.
Published: 2025-03-11T14:01:24.030Z
Updated: 2025-03-11T14:45:58.764Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42446 |
vulnerable | 2026-06-08 06:45:46.389784 |
TOCTOU in SmmWhea
HIGH (7.5)
APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use (TOCTOU) Race Condition by local means. Successful exploitation of this vulnerability may lead to arbitrary code execution.
Published: 2025-05-13T14:02:10.628Z
Updated: 2025-05-13T15:16:25.056Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42444 |
vulnerable | 2026-06-08 06:43:57.212230 |
TOCTOU Race Condition between DMA and SMM
HIGH (7.5)
APTIOV contains a vulnerability in BIOS where an attacker may cause a TOCTOU Race Condition by local means. Successful exploitation of this vulnerability may lead to execution of arbitrary code on the target device.
Published: 2025-01-14T15:00:42.112Z
Updated: 2025-01-14T15:45:23.217Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42442 |
vulnerable | 2026-06-08 06:43:57.211874 |
Runtime Service Access outside SMRAM
HIGH (7.2)
APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode.
Published: 2024-11-12T15:00:34.738Z
Updated: 2024-11-12T15:58:50.679Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-33660 |
vulnerable | 2026-06-08 06:37:31.928797 |
Potential Firmware update without integrity check
An exploit is possible where an actor with physical access can manipulate SPI flash without being detected.
Published: 2024-11-12T15:00:51.675Z
Updated: 2024-11-21T16:22:25.320Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-33659 |
vulnerable | 2026-06-08 06:37:31.928094 |
BiosGuard Buffer Overflow and TOCTOU Vulnerability
AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation by a local attacker. Successful exploitation of these vulnerabilities may lead to overwriting arbitrary memory and execute arbitrary code at SMM level, also impacting Confidentiality, Integrity, and Availability.
Published: 2025-02-11T15:00:11.196Z
Updated: 2025-02-11T15:36:38.156Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-33658 |
vulnerable | 2026-06-08 06:37:31.927016 |
Buffer Overflow Vulnerability In OFBD
APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and impact Integrity.
Published: 2024-11-12T15:01:05.234Z
Updated: 2024-11-21T16:21:37.633Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-33657 |
vulnerable | 2026-06-08 06:37:31.926654 |
Smm Callout in SmmComputrace Module
HIGH (7.8)
This SMM vulnerability affects certain modules, allowing privileged attackers to execute arbitrary code, manipulate stack memory, and leak information from SMRAM to kernel space, potentially leading to denial-of-service attacks.
Published: 2024-08-21T16:17:12.383Z
Updated: 2024-08-22T00:40:11.707Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-33656 |
vulnerable | 2026-06-08 06:37:31.926199 |
Memory Leak in SmmComuptrace Module
HIGH (7.8)
The DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack or global memory. This could lead to privilege escalation, arbitrary code execution, and bypassing OS security mechanisms
Published: 2024-08-21T16:16:43.954Z
Updated: 2024-08-21T17:08:28.329Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-2315 |
vulnerable | 2026-06-08 06:33:30.849010 |
SMM arbitrary code execution in Overclock
APTIOV contains a vulnerability in BIOS where may cause Improper Access Control by a local attacker. Successful exploitation of this vulnerability may lead to unexpected SPI flash modifications and BIOS boot kit launches, also impacting the availability.
Published: 2024-11-12T15:01:15.370Z
Updated: 2024-11-21T16:20:52.843Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39539 |
vulnerable | 2026-06-08 06:09:37.675375 |
Failure when uploading a Logo image file
HIGH (7.5)
AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.
Published: 2023-12-06T15:15:06.493Z
Updated: 2025-12-16T18:23:25.840Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39538 |
vulnerable | 2026-06-08 06:09:37.674941 |
Failure when uploading a Logo image file
HIGH (7.5)
AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.
Published: 2023-12-06T15:17:30.504Z
Updated: 2026-02-25T16:51:21.091Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39537 |
vulnerable | 2026-06-08 06:09:37.674429 |
Improper input validation in BIOS TCG2
HIGH (7.5)
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.
Published: 2023-11-14T21:24:32.282Z
Updated: 2024-08-14T19:25:46.794Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39536 |
vulnerable | 2026-06-08 06:09:37.673862 |
Improper input validation in BIOS OFBD
HIGH (7.5)
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.
Published: 2023-11-14T21:24:02.381Z
Updated: 2024-08-29T20:17:11.568Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39535 |
vulnerable | 2026-06-08 06:09:37.673218 |
Improper input validation in BIOS
HIGH (7.5)
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.
Published: 2023-11-14T21:23:24.506Z
Updated: 2024-08-29T20:17:59.863Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34470 |
vulnerable | 2026-06-08 06:06:25.660054 |
Improper access control
MEDIUM (6.8)
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.
Published: 2023-09-12T15:21:58.331Z
Updated: 2024-09-26T13:43:02.938Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34469 |
vulnerable | 2026-06-08 06:06:25.658911 |
Cold Rest Vulnerabiltiy
MEDIUM (4.9)
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network. A successful exploit of this vulnerability may lead to a loss of confidentiality.
Published: 2023-09-12T15:21:11.450Z
Updated: 2024-09-24T20:36:07.365Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.