CVE-2024-36877

CVSS 3.1 Score 8.2 of 10 (high)

Details

Published Aug 12, 2024

Updated: Oct 24, 2024

Summary

CVE-2024-36877 is a newly discovered vulnerability affecting Micro-Star International motherboards with firmware versions 7D25v14, 7D25v17 to 19, and 7D25v1A to 1H. These motherboards, including Z-series (Z590, Z490, Z790) and B-series (B760, B560, B660, B460), are vulnerable due to a write-what-where condition in the SW handler for SMI 0xE3. Chipsets from Intel (300, 400, 500, 600, 700) and AMD (300, 400, 500, 600, 700) are all implicated in this issue. Successful exploitation could result in unintended firmware modifications. Users are encouraged to update their motherboard firmware to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wMLJFh
https://www.cve.org/CVERecord?id=CVE-2024-36877
https://nvd.nist.gov/vuln/detail/CVE-2024-36877

Back to Vulnerability Database

CVE-2024-36877

CVSS 3.1 Score 8.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations