CWE-1274
6 CVEs classified under CWE-1274. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-2484 | High | 8.4 | 2023-01-06 | The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could r… |
CVE-2022-2482 | High | 8.4 | 2023-01-06 | A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the fil… |
CVE-2023-31345 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2025-4043 | Medium | 6.8 | 2025-05-07 | An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a system boot. |
CVE-2024-36345 | | 2026-05-15 | Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, po… | |
CVE-2025-29950 | | 2026-02-10 | Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution. |