CVE-2025-7028 | GIGABYTE UEFI-SmiFlash 1.0.0 Software SMI SwSmiInputValue untrusted pointer dereference

Inserito da Angelo Barbosa | Lug 11, 2025 | CVE

A vulnerability classified as critical was found in GIGABYTE UEFI-SmiFlash 1.0.0. This vulnerability affects the function SwSmiInputValue of the component Software SMI Handler. The manipulation leads to untrusted pointer dereference.

This vulnerability was named CVE-2025-7028. The attack needs to be approached locally. There is no exploit available.

CVE-2025-7028 | GIGABYTE UEFI-SmiFlash 1.0.0 Software SMI SwSmiInputValue untrusted pointer dereference

Post correlati

CVE-2024-12849 | WP Guru Error Log Viewer Plugin up to 1.0.1.3 on WordPress authorization

CVE-2025-46554 | xwiki-platform up to 14.10.21/15.10.11/16.4.2/16.6.x REST Endpoint authorization

CVE-2024-46730 | Linux Kernel up to 6.10.8 AMD Display tg_inst array index (a64284b9e199/687fe329f18a)

CVE-2024-8177 | GitLab Community Edition/Enterprise Edition up to 17.4.4/17.5.2/17.6.0 Harbor Registry algorithmic complexity (Issue 480706)