Advisories

[BRLY-2025-001] UEFI Secure Boot bypass

BINARLY REsearch has discovered a vulnerable UEFI application signed with Microsoft third-party UEFI certificate allowing a possible attacker to bypass UEFI Secure Boot.

[BRLY-DVA-2023-003] SMM memory contents leak / information disclosure vulnerability in SMM driver (SMRAM read)

BINARLY efiXplorer team has discovered a stack memory contents leak / information disclosure vulnerability that allows a potencial attacker to write stack memory to NVRAM variable.

[BRLY-DVA-2024-020] SMM memory corruption vulnerability in SMM module on Dell device (SMRAM write)

BINARLY REsearch team has discovered a SMM memory corruption vulnerability in a Dell device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-DVA-2024-022] SMM memory corruption vulnerability in SMM module on Dell device (SMRAM write).

BINARLY REsearch team has discovered a SMM memory corruption vulnerability in a Dell device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-DVA-2024-023] SMM memory corruption vulnerability in SMM module on Dell device (SMRAM write).

BINARLY REsearch team has discovered a SMM memory corruption vulnerability in a Dell device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-DVA-2024-013] SMM memory corruption vulnerability in SMM module on Dell device (SMRAM write).

BINARLY REsearch team has discovered a SMM memory corruption vulnerability in a Dell device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-DVA-2024-012] SMM memory corruption vulnerability in SMM module on Dell device (SMRAM write).

BINARLY REsearch team has discovered a SMM memory corruption vulnerability in a Dell device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-DVA-2023-024] The stack buffer overflow vulnerability leads to arbitrary code execution during DXE phase.

BINARLY efiXplorer team has discovered a stack buffer overflow vulnerability that allows an attacker to execute arbitrary code.

[BRLY-2024-001] OOB Read in Lighttpd 1.4.32 used in Supermicro X11 series firmware

BINARLY team has discovered a Heap Out-of-bounds Read vulnerability in the web server component of Supermicro BMC IPMI firmware, allowing a potential attacker to exfiltrate sensitive information from Lighttpd process memory.

[BRLY-2025-002] Boot Guard cannot be trusted on multiple Clevo-based devices (the private RSA keys for the Key Manifest and Boot Policy Manifest has been leaked)

BINARLY REsearch team has received information that Clevo firmware update packages are being distributed with private keys for Boot Guard (see article). The Binarly REsearch team checked an internal dataset of firmware images for the use of leaked keys across different vendors and discovered several affected devices, some of which had received updates only a few months ago.

[BRLY-2024-023] Use of RSA test keys for BMC RoT implementation

The BINARLY team has discovered that multiple Supermicro servers use an insecure RSA signing key (RD1 BMC Test Key - DO NOT TRUST) to implement the BMC Root of Trust security feature. The use of test keys poses a critical severity risk by making it trivial for remote attackers with administrative privileges to the BMC system to perform a malicious BMC firmware update and defeat U-Boot verified boot on affected devices. This results in a persistent compromise of both the BMC system and the main server operating system.

[BRLY-2023-030] RCE inside BMC OS using SNMP service configuration in Supermicro BMC IPMI firmware

BINARLY team has discovered a remote code execution vulnerability in the web server component of Supermicro BMC IPMI firmware, allowing a potential attacker to execute arbitrary code inside the BMC operating system as the root user.

[BRLY-2024-005] Usage of default test keys leads to complete Secure Boot bypass

The Binarly REsearch Team has found that hundreds of devices use an insecure Platform Key (PK) which represents the root of trust for UEFI Secure Boot.

[BRLY-2023-002] SMM memory corruption vulnerability in SMM driver (SMRAM write)

Binarly REsearch Team has discovered a stack buffer overflow vulnerability that allows an attacker to execute arbitrary code.

[BRLY-DVA-2023-028] SMM memory corruption vulnerability in SMM module on Fujitsu device (SMRAM write)

Binarly REsearch Team has discovered a SMM memory corruption vulnerability in a Fujitsu device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-DVA-2023-027] SMM arbitrary code execution vulnerability in SMM module on Fujitsu device

Binarly REsearch Team has discovered an SMM arbitrary code execution vulnerability on a Fujitsu device allowing a potential attacker to hijack execution flow of code running in the System Management Mode. Exploitation of this issue could lead to escalation of privileges to SMM.

[BRLY-DVA-2023-026] SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write)

Binarly REsearch Team has discovered a SMM memory corruption vulnerability in a Fujitsu device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-DVA-2023-025] SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write)

Binarly REsearch Team has discovered a SMM memory corruption vulnerability in a Fujitsu device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-LOGOFAIL-2023-030] Memory Corruption vulnerability in DXE driver.

Binarly REsearch Team has discovered wrong error handling during JPEG file processing in Phoenix firmware which leads to several vulnerabilities, including an OOB Write in the Huffman table decoding routine.

[BRLY-LOGOFAIL-2023-027] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered an OOB Write vulnerability in the decode routine during BMP file processing in Phoenix firmware.

[BRLY-LOGOFAIL-2023-028] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered an OOB Write vulnerability in the decode routine during GIF file processing in Phoenix firmware.

[BRLY-LOGOFAIL-2023-029] Memory contents leak / information disclosure vulnerability in DXE driver

Binarly REsearch Team has discovered an OOB Read vulnerability in the decode routine during GIF file processing in Phoenix firmware.

[BRLY-LOGOFAIL-2023-024] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered a lack of validation on output buffer leads to OOB Write operations during GIF file processing in AMI firmware.

[BRLY-LOGOFAIL-2023-025] Memory contents leak / information disclosure vulnerability in DXE driver

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability. Lack of synchronization between PaletteSize calculated from BitsPerPixel in BMP Image Header and PaletteIndex calculated from data in BMP Image allows OOB Read.

[BRLY-LOGOFAIL-2023-022] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered a lack of validation on number of Huffamn tables that leads to OOB Write operations during JPEG file processing in AMI firmware.

[BRLY-LOGOFAIL-2023-018] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered an integer overflow on memory allocation size that leads to OOB Write operations during PNG file processing in AMI firmware.

[BRLY-LOGOFAIL-2023-019] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered an integer overflow on memory allocation size that leads to OOB Write operations during PNG file processing in AMI firmware.

[BRLY-LOGOFAIL-2023-020] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered a lack of array index validation leading to OOB Write operations on global data during JPEG file processing in AMI firmware.

[BRLY-LOGOFAIL-2023-023] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered a lack of validation on output buffer leads to OOB Write operations during GIF file processing in AMI firmware.

[BRLY-LOGOFAIL-2023-016] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered an integer overflow on memory allocation size that leads to OOB Write operations during PNG file processing in AMI firmware.

[BRLY-LOGOFAIL-2023-014] Out-of-bounds Read in DXE driver

Binarly REsearch Team has discovered a OOB Read vulnerability in DXE driver. Improper validation of PNG chunk length during PNG file processing in AMI firmware leads to OOB read.

[BRLY-LOGOFAIL-2023-015] Out-of-bounds Read in DXE driver

Binarly REsearch Team has discovered a OOB Read vulnerability in DXE driver. Improper validation of PNG chunk length during PNG file processing in AMI firmware leads to OOB read.

[BRLY-LOGOFAIL-2023-013] Memory contents leak / information disclosure vulnerability in DXE driver

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability. Image->ImageOffset is not validated during parsing of arbitrary BMP file on AMI firmware. The attacker can make it as high as 0xFFFFFFFF and thus display the contents of physical memory (in the form of pixels).

[BRLY-LOGOFAIL-2023-012] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered a multiple OOB Read/Write vulnerabilities in Insyde firmware due to improper input validation during TGA file processing.

[BRLY-LOGOFAIL-2023-011] Memory contents leak / information disclosure vulnerability in DXE driver

Binarly REsearch Team has discovered multiple memory leaks / information disclosure vulnerabilities in the DXE driver due to improper input validation during PCX file processing in Insyde firmware.

[BRLY-LOGOFAIL-2023-009] Out-of-bounds Read in DXE driver

Binarly REsearch Team has discovered a OOB Read vulnerability in DXE driver. Improper loop exit condition will lead to OOB Read from ImagePtr during JPEG file processing in Insyde firmware.

[BRLY-LOGOFAIL-2023-010] Null Pointer Dereference in DXE driver

Binarly REsearch Team has discovered a Null Pointer Dereference vulnerability in DXE driver. Unchecked DqtCount leads to null pointer dereference during JPEG file processing in Insyde firmware.

[BRLY-LOGOFAIL-2023-008] Null Pointer Dereference in DXE driver

Binarly REsearch Team has discovered a DXE Null Pointer Dereference in Insyde firmware. Usage of uninitialised SOSPtr pointer leads to null pointer dereference (in case when JPEG_SOS is not covered during the parsing) during JPEG file processing in Insyde firmware.

[BRLY-LOGOFAIL-2023-006] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered a multiple OOB Read/Write vulnerabilities in Insyde firmware related to lack of Code validation in the LZW decoder routine in the GifDecoderDxe module.

[BRLY-LOGOFAIL-2023-001] Memory contents leak / information disclosure vulnerability in DXE driver

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability. BmpHeader->ImageOffset is not validated during parsing of arbitrary BMP file on Insyde firmware. The attacker can make it as high as 0xFFFFFFFF and thus display the contents of physical memory (in the form of pixels).

[BRLY-LOGOFAIL-2023-007] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered a OOB Write vulnerability in Insyde firmware. Unchecked ImageSize (which depends on ImageWidth and ImageHeight) results in allocation of a zero-sized buffer and subsequent writing to it during GIF file processing in Insyde firmware.

[BRLY-LOGOFAIL-2023-005] Out-of-bounds Read in DXE driver

Binarly REsearch Team has discovered a OOB Read vulnerability in Insyde firmware resulting from weak index checking during GIF file processing.

[BRLY-LOGOFAIL-2023-003] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered an OOB Write vulnerability in the RLE4 decode routine during BMP file processing in Insyde firmware.

[BRLY-LOGOFAIL-2023-002] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered an OOB Write vulnerability in the RLE8 decode routine during BMP file processing in Insyde firmware.

[BRLY-LOGOFAIL-2023-004] Memory Corruption vulnerability in DXE driver

Binarly REsearch Team has discovered a multiple OOB Read/Write vulnerabilities in Insyde firmware related to lack of validation in the LZW decoder routine in the GifDecoderDxe module.

[BRLY-LOGOFAIL-2023-017] Multiple vulnerabilities in image parsing functions can be exploited by an attacker with local access

Acer firmware allows end-users to customize the logo shown on the display of a device during boot. Binarly REsearch Team has uncovered multiple critical vulnerabilities in the libraries used to parse image data formats and thus logos.

[BRLY-DVA-2023-029] SMM memory corruption vulnerability in SMM module on Fujitsu device (SMRAM write)

Binarly REsearch Team has discovered a SMM memory corruption vulnerability in a Fujitsu device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-LOGOFAIL-2023-026] Memory contents leak / information disclosure vulnerability in DXE driver

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability. Lack of synchronization between ImageSize in BMP Image Header and ImageIndex allows OOB Read.

[BRLY-2024-004] OOB Read in Lighttpd before 1.4.51

Binarly REsearch Team has discovered a Heap Out-of-bounds Read vulnerability in the `lighttpd` web server, allowing a potential attacker to exfiltrate sensitive information from process memory.

[BRLY-2024-003] OOB Read in Lighttpd 1.4.35 used in Lenovo BMC firmware

Binarly REsearch Team discovered a Heap Out-of-bounds Read vulnerability in the web server component of Lenovo BMC firmware, allowing a potential attacker to exfiltrate sensitive information from Lighttpd process memory.

[BRLY-2024-002] OOB Read in Lighttpd 1.4.45 used in Intel M70KLP series firmware

Binarly REsearch Team has discovered a Heap Out-of-bounds Read vulnerability in the web server component of Intel BMC firmware, allowing a potential attacker to exfiltrate sensitive information from Lighttpd process memory.

[BRLY-2023-004] SMM memory corruption vulnerability in SMM driver (SMRAM write).

Binarly REsearch Team identified an SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.

[BRLY-2023-005] Arbitrary calls to SetVariable with unsanitized arguments in SMI handler

Binarly REsearch Team has discovered a SMI handler that passes attacker controlled arguments to SmmSetVariable() without any sort of filtering/sanitization.

[BRLY-2023-018] Multiple vulnerabilities in image parsing functions can be exploited by an attacker with local access.

BINARLY REsearch team has uncovered multiple critical vulnerabilities in the libraries used to parse image data formats and thus logos.

[BRLY-2023-006] Multiple vulnerabilities in image parsing functions can be exploited by an attacker with local access.

BINARLY REsearch team has uncovered multiple critical vulnerabilities in the image parsing libraries used to parse customized boot logos.

[BRLY-2022-040] The stack memory contents leak / information disclosure vulnerability in DXE driver.

Binarly REsearch Team has discovered a stack memory contents leak / information disclosure vulnerability that allows a potencial attacker to write stack memory to NVRAM variable.

[BRLY-2022-039] SMRAM memory contents leak / information disclosure vulnerability in SMM driver (SMRAM read).

Binarly REsearch Team identified an SMM memory contents leak / information disclosure vulnerability, which allows an attacker to read portions of SMRAM memory. This in turn could help building a successful attack vector exploiting SMM memory corruption vulnerability.

[BRLY-2022-041] The stack memory contents leak / information disclosure vulnerability in DXE driver.

Binarly REsearch Team has discovered a stack memory contents leak / information disclosure vulnerability that allows a potencial attacker to write stack memory to NVRAM variable.

[BRLY-2022-038] Stack buffer overflow vulnerability leads to arbitrary code execution in a DXE driver on Intel platform.

Binarly REsearch Team has discovered a stack overflow vulnerability that allows a local root user to access a UEFI DXE driver and execute arbitrary code.

[BRLY-2023-011] Stored cross-site scripting vulnerability in Supermicro BMC IPMI firmware in multiple webpages using language cookie value

Binarly REsearch Team has discovered a stored DOM-based cross-site scripting (XSS) vulnerability in multiple webpages that uses language cookie value, included in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to gain access to an account with administrator privileges.

[BRLY-2023-010] Cross-site scripting vulnerability in Supermicro BMC IPMI firmware in the servh_storage_create and servh_storage_add webpages using the hash property of the URL

Binarly REsearch Team has discovered a DOM-based cross-site scripting (XSS) vulnerability in servh_storage_create and servh_storage_add webpages that uses hash property of the URL, included in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to gain access to an account with administrator privileges. This attack works on IE11 and Microsoft Edge in Internet Explorer mode.

[BRLY-2023-012] Stored cross-site scripting vulnerability in Supermicro BMC IPMI firmware in the man_ikvm_html5_bootstrap and man_ikvm_html5_bootstrap_vm webpages using lang local storage item

Binarly REsearch Team has discovered a stored DOM-based cross-site scripting (XSS) vulnerability in the man_ikvm_html5_bootstrap and man_ikvm_html5_bootstrap_vm webpages that uses lang local storage item, included in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to gain access to an account with administrator privileges.

[BRLY-2023-008] Cross-site scripting vulnerability in Supermicro BMC IPMI firmware in the modify_nm_policy webpage using pdomain GET parameter

Binarly REsearch Team has discovered a DOM-based cross-site scripting (XSS) vulnerability in the modify_nm_policy webpage that uses pdomain GET parameter, included in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to gain access to an account with administrator privileges.

[BRLY-2023-001] Command injection vulnerability in Supermicro BMC IPMI firmware

Binarly REsearch Team has discovered a command injection vulnerability in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to execute arbitrary code.

[BRLY-2023-007] Cross-site scripting vulnerability in Supermicro BMC IPMI firmware in the config_ip_ctrl_change webpage using index GET parameter

Binarly REsearch Team has discovered a DOM-based cross-site scripting (XSS) vulnerability in the config_ip_ctrl_change webpage that uses index GET parameter, included in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to gain access to an account with administrator privileges.

[BRLY-2023-009] Cross-site scripting vulnerability in Supermicro BMC IPMI firmware in the config_ssl_fw_reset webpage using port GET parameter

Binarly REsearch Team has discovered a DOM-based cross-site scripting (XSS) vulnerability in the config_ssl_fw_reset webpage that uses port GET parameter, included in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to gain access to an account with administrator privileges.

[BRLY-2022-173] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-174] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-126] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-118] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2023-023] Stored cross-site scripting vulnerability in Supermicro BMC IPMI firmware in the man_ikvm_html5_bootstrap webpage using lang local storage item

BINARLY team has discovered a stored DOM-based cross-site scripting (XSS) vulnerability in the man_ikvm_html5_bootstrap webpage that uses lang local storage item, included in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to gain access to an account with administrator privileges.

[BRLY-2023-022] Command injection vulnerability in Supermicro BMC IPMI firmware

BINARLY team has discovered a command injection vulnerability in the web server component of Supermicro BMC IPMI firmware, allowing a possible attacker to execute arbitrary code.

[BRLY-LOGOFAIL-2023-021] Out-of-bounds Read in DXE driver

Binarly REsearch Team has discovered a OOB Read vulnerability in DXE driver. Improper validation on JPEG marker length leads to multiple OOB Read operations during JPEG file processing in AMI firmware

[BRLY-2022-169] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-160] Memory contents leak in DXE driver on Dell platform

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-159] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-158] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-165] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-131] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-146] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-155] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-145] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-148] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-129] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-147] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-144] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-156] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-150] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-099] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-101] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-124] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-123] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-122] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-119] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-127] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-121] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-125] Memory contents leak / information disclosure vulnerability in DXE driver on Dell platform.

Binarly REsearch Team has discovered a memory contents leak / information disclosure vulnerability that allows a potential attacker to dump stack memory or global memory into an NVRAM variable. This in turn could help building a successful attack vector based on exploiting a memory corruption vulnerability.

[BRLY-2022-065] Stack buffer overflow vulnerability leads to arbitrary code execution in DXE driver on multiple Dell platforms.

Binarly REsearch Team has discovered a stack overflow vulnerability that allows a potential attacker to access UEFI DXE driver and execute arbitrary code.

[BRLY-2022-055] Stack buffer overflow vulnerability leads to arbitrary code execution in DXE driver on multiple Dell platforms.

Binarly REsearch Team has discovered a stack overflow vulnerability that allows a potential attacker to access UEFI DXE driver and execute arbitrary code.

[BRLY-2022-070] OOB write vulnerability in SMI handler leads to arbitrary code execution in SMM.

Binarly REsearch Team has discovered a OOB write vulnerability that allows a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.