acer altos_t110_f3_firmware 跨界内存写
CVE编号
CVE-2022-30426利用情况
暂无补丁情况
N/A披露时间
2022-09-23漏洞描述
There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version <= P13 (latest) and AP130 F2 firmware version <= P04 (latest) and Aspire 1600X firmware version <= P11.A3L (latest) and Aspire 1602M firmware version <= P11.A3L (latest) and Aspire 7600U firmware version <= P11.A4 (latest) and Aspire MC605 firmware version <= P11.A4L (latest) and Aspire TC-105 firmware version <= P12.B0L (latest) and Aspire TC-120 firmware version <= P11-A4 (latest) and Aspire U5-620 firmware version <= P11.A1 (latest) and Aspire X1935 firmware version <= P11.A3L (latest) and Aspire X3475 firmware version <= P11.A3L (latest) and Aspire X3995 firmware version <= P11.A3L (latest) and Aspire XC100 firmware version <= P11.B3 (latest) and Aspire XC600 firmware version <= P11.A4 (latest) and Aspire Z3-615 firmware version <= P11.A2L (latest) and Veriton E430G firmware version <= P21.A1 (latest) and Veriton B630_49 firmware version <= AAP02SR (latest) and Veriton E430 firmware version <= P11.A4 (latest) and Veriton M2110G firmware version <= P21.A3 (latest) and Veriton M2120G fir.解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| http://acer.com | |
| http://altos.com | |
| https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-202... |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | acer | altos_t110_f3_firmware | * | Up to (excluding) p13 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | ap130_f2_firmware | * | Up to (excluding) p04 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_1600x_firmware | * | Up to (excluding) p11.a3l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_1602m_firmware | * | Up to (excluding) p11.a3l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_7600u_firmware | * | Up to (excluding) p11.a4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_mc605_firmware | * | Up to (excluding) p11.a4l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_tc-105_firmware | * | Up to (excluding) p12.b0l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_tc-120_firmware | * | Up to (excluding) p11-a4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_u5-620_firmware | * | Up to (excluding) p11.a1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_x1935_firmware | * | Up to (excluding) p11.a3l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_x3475_firmware | * | Up to (excluding) p11.a3l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_x3995_firmware | * | Up to (excluding) p11.a3l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_xc100_firmware | * | Up to (excluding) p11.b3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_xc600_firmware | * | Up to (excluding) p11.a4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | aspire_z3-615_firmware | * | Up to (excluding) p11.a2l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_b630_49_firmware | * | Up to (excluding) aap02sr | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_e430g_firmware | * | Up to (excluding) p21.a1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_e430_firmware | * | Up to (excluding) p11.a4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_m2110g_firmware | * | Up to (excluding) p21.a3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_m2120g_firmware | * | Up to (excluding) p11-a3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_m2611g_firmware | * | Up to (excluding) p11-b0l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_m2611_firmware | * | Up to (excluding) p11.b0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_m4620g_firmware | * | Up to (excluding) p21.a3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_m4620_firmware | * | Up to (excluding) p21.a3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_m6620g_firmware | * | Up to (excluding) p21.a0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_n2620g_firmware | * | Up to (excluding) p21.b0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_n4620g_firmware | * | Up to (excluding) p11.a2l | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_n4630g_firmware | * | Up to (excluding) p21.b0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_s6620g_firmware | * | Up to (excluding) p11.a1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_x2611g_firmware | * | Up to (excluding) p11.a4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_x2611_firmware | * | Up to (excluding) p11.a4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_x4620g_firmware | * | Up to (excluding) p11.a3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_x6620g_firmware | * | Up to (excluding) p11.a3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | acer | veriton_z2650g_firmware | * | Up to (excluding) p21.a1 | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | altos_t110_f3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | ap130_f2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_1600x | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_1602m | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_7600u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_mc605 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_tc-105 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_tc-120 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_u5-620 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_x1935 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_x3475 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_x3995 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_xc100 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_xc600 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | aspire_z3-615 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_b630_49 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_e430 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_e430g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_m2110g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_m2120g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_m2611 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_m2611g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_m4620 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_m4620g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_m6620g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_n2620g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_n4620g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_n4630g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_s6620g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_x2611 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_x2611g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_x4620g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_x6620g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | acer | veriton_z2650g | - | - | |||||
- 攻击路径 本地
- 攻击复杂度 低
- 权限要求 低
- 影响范围 未更改
- 用户交互 无
- 可用性 高
- 保密性 高
- 完整性 高
| CWE-ID | 漏洞类型 |
| CWE-787 | 跨界内存写 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论