CVE-2024-36877

HIGH

Micro-Star International Z-series/B-series Motherboards - Write-What-Where Condition via SMI 0xE3

Title source: llm
STIX 2.1

Description

Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was discovered to contain a write-what-where condition in the in the SW handler for SMI 0xE3. Motherboard's with the following chipsets are affected: Intel 300, Intel 400, Intel 500, Intel 600, Intel 700, AMD 300, AMD 400, AMD 500, AMD 600 and AMD 700.

Exploits (2)

nomisec WORKING POC 48 stars
by jjensn · poc
https://github.com/jjensn/CVE-2024-36877
nomisec NO CODE
by CERTologists · poc
https://github.com/CERTologists/POC-CVE-2024-36877

References (2)

Scores

CVSS v3 8.2
EPSS 0.0344
EPSS Percentile 87.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-123
Status published
Published Aug 12, 2024
Tracked Since Feb 18, 2026