CVE-2025-7028 | GIGABYTE UEFI-SmiFlash 1.0.0 Software SMI SwSmiInputValue untrusted pointer dereference

Inserito da Angelo Barbosa | Lug 11, 2025 | CVE

A vulnerability classified as critical was found in GIGABYTE UEFI-SmiFlash 1.0.0. This vulnerability affects the function SwSmiInputValue of the component Software SMI Handler. The manipulation leads to untrusted pointer dereference.

This vulnerability was named CVE-2025-7028. The attack needs to be approached locally. There is no exploit available.

CVE-2025-7028 | GIGABYTE UEFI-SmiFlash 1.0.0 Software SMI SwSmiInputValue untrusted pointer dereference

Post correlati

CVE-2025-5234 | Gutenverse News Plugin up to 1.0.4 on WordPress elementId cross site scripting

CVE-2024-20527 | Cisco Identity Services Engine Software up to 3.4.0 API path traversal (cisco-sa-ise-multi-vuln-DBQdWRy)

CVE-2024-31547 | Computer Laboratory Management System 1.0 view_item.php id sql injection

CVE-2023-51964 | Tenda AX1803 1.0.0.1 setIptvInfo port stack-based overflow