BINARLY efiXplorer team has discovered a stack overflow vulnerability that allows a local root user to access UEFI DXE driver and execute arbitrary code.
Vulnerability REsearch
Understanding the Offense is Key To Developing the Best Defense Technology
[BRLY-2021-051]
SMM memory corruption vulnerability in SMM driver on Intel platforms
SMM memory corruption vulnerability in SMM driver on Intel platforms
May 23, 2022
SMM
BINARLY efiXplorer team has discovered SMM memory corruption vulnerability on Intel platforms allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-050]
SMM memory corruption vulnerability in SMM driver on Intel platforms
SMM memory corruption vulnerability in SMM driver on Intel platforms
May 23, 2022
SMM
BINARLY efiXplorer team has discovered SMM memory corruption vulnerability on Intel platforms allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-014]
SMM memory corruption vulnerability in SMM driver on Fujitsu device (SMRAM write).
SMM memory corruption vulnerability in SMM driver on Fujitsu device (SMRAM write).
May 10, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability in Fujitsu devices allowing a possible attacker to write data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2022-004]
SMM arbitrary code execution in USBRT SMM driver on Dell devices.
SMM arbitrary code execution in USBRT SMM driver on Dell devices.
March 21, 2022
Dell
BINARLY efiXplorer team has discovered SMM arbitrary code execution on Dell devices.
[BRLY-2021-045]
SMM callout vulnerability in USBRT SMM driver on Dell devices (SMM arbitrary code execution)
SMM callout vulnerability in USBRT SMM driver on Dell devices (SMM arbitrary code execution)
March 21, 2022
Dell
BINARLY efiXplorer team identified SMM callout on Dell platforms, which allows a attacker to access the System Management Mode and execute arbitrary code.
[BRLY-2021-043]
SMM arbitrary code execution in USBRT SMM driver on Dell devices.
SMM arbitrary code execution in USBRT SMM driver on Dell devices.
March 21, 2022
Dell
BINARLY efiXplorer team has discovered SMM arbitrary code execution on Dell devices.
[BRLY-2021-042]
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on multiple HP devices allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-041]
SMM callout vulnerability in SMM driver on multiple HP devices.
SMM callout vulnerability in SMM driver on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a SMM callout vulnerability on multiple HP devices allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-040]
SMM callout vulnerability in SMM driver on multiple HP devices.
SMM callout vulnerability in SMM driver on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a SMM callout vulnerability on multiple HP devices allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-039]
The heap buffer overflow vulnerability in child SW SMI handler on multiple HP devices.
The heap buffer overflow vulnerability in child SW SMI handler on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a heap buffer overflow vulnerability in child SW SMI handler on multiple HP devices that allow corrupt heap metadata.
[BRLY-2021-038]
The heap buffer overflow vulnerability in child SW SMI handler on multiple HP devices.
The heap buffer overflow vulnerability in child SW SMI handler on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a heap buffer overflow vulnerability in the child SW SMI handler on multiple HP devices that allows heap data corruption.
[BRLY-2021-037]
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on multiple HP devices allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-036]
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on multiple HP devices allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-035]
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on multiple HP devices allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-034]
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on multiple HP devices allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-033]
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
SMM memory corruption vulnerability in SMM driver on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on multiple HP devices allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-032]
The heap buffer overflow vulnerability in child SW SMI handler on multiple HP devices.
The heap buffer overflow vulnerability in child SW SMI handler on multiple HP devices.
March 08, 2022
UEFI
BINARLY efiXplorer team has discovered a heap buffer overflow vulnerability in a child SW SMI handler on multiple HP devices that allows corruption of heap metadata.
[BRLY-2021-007]
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI application on multiple HP devices.
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI application on multiple HP devices.
February 04, 2022
UEFI
BINARLY efiXplorer team has discovered a stack overflow vulnerability that allows a local root user to access UEFI Runtime DXE application and execute arbitrary code.
[BRLY-2021-006]
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI DXE driver on multiple HP devices.
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI DXE driver on multiple HP devices.
February 04, 2022
UEFI
BINARLY efiXplorer team has discovered a stack overflow vulnerability that allows a local priviledged user to access UEFI DXE driver and execute arbitrary code.
[BRLY-2021-005]
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI DXE driver on multiple HP devices.
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI DXE driver on multiple HP devices.
February 04, 2022
UEFI
BINARLY efiXplorer team has discovered a stack overflow vulnerability that allows a local priviledged user to access UEFI DXE driver and execute arbitrary code.
[BRLY-2021-004]
SMM callout vulnerability in SMM driver on multiple HP devices (SMM arbitrary code execution).
SMM callout vulnerability in SMM driver on multiple HP devices (SMM arbitrary code execution).
February 04, 2022
SMM
BINARLY efiXplorer team identified a SMM callout in multiple HP devices, which allows an attacker to access the System Management Mode and execute arbitrary code.
[BRLY-2021-003]
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI application on multiple HP devices.
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI application on multiple HP devices.
February 04, 2022
UEFI
BINARLY efiXplorer team has discovered a stack buffer overflow vulnerability that allows a local priviledged user to access UEFI Runtime DXE application and execute arbitrary code.
[BRLY-2021-031]
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM callout vulnerability on a BullSequana Edge server allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-030]
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on a BullSequana Edge server allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-029]
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on a BullSequana Edge server allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-028]
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM callout vulnerability on a BullSequana Edge server allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-027]
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on a BullSequana Edge server allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-026]
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on a BullSequana Edge server allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-025]
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM callout vulnerability on a BullSequana Edge server allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-024]
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM memory corruption vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability on a BullSequana Edge server allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-023]
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM callout vulnerability on a BullSequana Edge server allowing a possible attacker to hijack the execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-022]
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
SMM callout vulnerability in combined DXE/SMM driver on BullSequana Edge server.
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM callout vulnerability on a BullSequana Edge server allowing a possible attacker to hijack execution flow of a code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-021]
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI DXE driver on BullSequana Edge server.
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI DXE driver on BullSequana Edge server.
February 01, 2022
UEFI
BINARLY efiXplorer team has discovered a stack overflow vulnerability that allows a local priviledged user to access UEFI DXE driver and execute arbitrary code.
[BRLY-2021-020]
SMM callout vulnerability in combined DXE/SMM on Fujitsu device (SMM arbitrary code execution).
SMM callout vulnerability in combined DXE/SMM on Fujitsu device (SMM arbitrary code execution).
February 01, 2022
SMM
BINARLY efiXplorer team identified a SMM callout in a Fujitsu device, which allows an attacker to access the System Management Mode and execute arbitrary code.
[BRLY-2021-019]
SMM callout vulnerability in combined DXE/SMM on Fujitsu device (SMM arbitrary code execution).
SMM callout vulnerability in combined DXE/SMM on Fujitsu device (SMM arbitrary code execution).
February 01, 2022
SMM
BINARLY efiXplorer team identified a SMM callout in a Fujitsu device, which allows an attacker to access the System Management Mode and execute arbitrary code.
[BRLY-2021-018]
SMM callout vulnerability in combined DXE/SMM on Fujitsu device (SMM arbitrary code execution).
SMM callout vulnerability in combined DXE/SMM on Fujitsu device (SMM arbitrary code execution).
February 01, 2022
SMM
BINARLY efiXplorer team identified a SMM callout in a Fujitsu device, which allows an attacker to access the System Management Mode and execute arbitrary code.
[BRLY-2021-017]
SMM callout vulnerability in combined DXE/SMM on Fujitsu device (SMM arbitrary code execution).
SMM callout vulnerability in combined DXE/SMM on Fujitsu device (SMM arbitrary code execution).
February 01, 2022
SMM
BINARLY efiXplorer team identified a SMM callout in a Fujitsu device, which allows an attacker to access the System Management Mode and execute arbitrary code.
[BRLY-2021-016]
SMM memory corruption vulnerability in combined DXE/SMM on Fujitsu device (SMRAM write).
SMM memory corruption vulnerability in combined DXE/SMM on Fujitsu device (SMRAM write).
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability in a Fujitsu device allowing a possible attacker to write data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-015]
SMM memory corruption vulnerability in combined DXE/SMM on Fujitsu device (SMRAM write).
SMM memory corruption vulnerability in combined DXE/SMM on Fujitsu device (SMRAM write).
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability in a Fujitsu device allowing a possible attacker to write data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-013]
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability in Fujitsu devices allowing a possible attacker to write data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-012]
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability in Fujitsu devices allowing a possible attacker to write data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-011]
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability in Fujitsu devices allowing a possible attacker to write data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-010]
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability in a Fujitsu device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-009]
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write).
February 01, 2022
SMM
BINARLY efiXplorer team has discovered a SMM memory corruption vulnerability in a Fujitsu device allowing a possible attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
[BRLY-2021-008]
SMM callout vulnerability in SMM driver on Fujitsu device (SMM arbitrary code execution).
SMM callout vulnerability in SMM driver on Fujitsu device (SMM arbitrary code execution).
February 01, 2022
SMM
BINARLY efiXplorer team identified a SMM callout in a Fujitsu device, which allows an attacker to access the System Management Mode and execute arbitrary code.
[BRLY-2021-002]
Lenovo system firmware has missing coverage with Boot Guard protected ranges (IBB) for UEFI modules
Lenovo system firmware has missing coverage with Boot Guard protected ranges (IBB) for UEFI modules
July 15, 2021
Lenovo
BINARLY efiXplorer team identified several Lenovo devices do not properly protect UEFI system firmware modules with Intel Boot Guard technolody (missing protection coverage Boot Guard IBB hash), which allows an attacker with write access to the SPI flash storage (such as with physical access or leveraging a BIOS write protection bypass vulnerability) to install a persistent backdoor/implant.
[BRLY-2021-001]
SMM callout vulnerability on Lenovo ThinkPad laptops firmware (SMM arbitrary code execution)
SMM callout vulnerability on Lenovo ThinkPad laptops firmware (SMM arbitrary code execution)
July 15, 2021
SMM
BINARLY efiXplorer team identified SMM callout in ThinkPad 13 2nd Gen, which allows a local privileged user to access the System Management Mode and execute arbitrary code.