MEDIUM🇵🇱 Wersja polska

CVE-2018-1992

CVSS 6.4v3.0pub. 2019-03-21upd. 2024-11-21

The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker were able to replace the initial boot firmware image with a very carefully crafted and sufficiently large, malicious replacement, it could cause the bootloader, during the load of that image, to overwrite its own instruction memory and circumvent secure boot protections, install trojans, etc. IBM X-Force ID: 154345.

CVSS Vector
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • IBM Power System Ac922 \(8335 Gtg\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System Ac922 \(8335 Gtg\) Firmware

    OS
    Ibm
    < op910.30
  • IBM Power System Ac922 \(8335 Gth\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System Ac922 \(8335 Gth\) Firmware

    OS
    Ibm
    < op920.10
  • IBM Power System Ac922 \(8335 Gtx\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System Ac922 \(8335 Gtx\) Firmware

    OS
    Ibm
    < op920.10
  • IBM Power System H922 \(9223 22h\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System H922 \(9223 22h\) Firmware

    OS
    Ibm
    < fw910.10
  • IBM Power System H924 \(9223 42h\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System H924 \(9223 42h\) Firmware

    OS
    Ibm
    < fw910.10
  • IBM Power System L922 \(9008 22l\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System L922 \(9008 22l\) Firmware

    OS
    Ibm
    < fw910.10
  • IBM Power System Lc921 \(9006 12p\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System Lc921 \(9006 12p\) Firmware

    OS
    Ibm
    < op920.10
  • IBM Power System Lc922 \(9006 22p\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System Lc922 \(9006 22p\) Firmware

    OS
    Ibm
    < op920.10
  • IBM Power System S914 \(9009 41a\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System S914 \(9009 41a\) Firmware

    OS
    Ibm
    < fw910.10
  • IBM Power System S922 \(9009 22a\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System S922 \(9009 22a\) Firmware

    OS
    Ibm
    < fw910.10
  • IBM Power System S924 \(9009 42a\)

    HW
    Ibm
    wszystkie wersje
  • IBM Power System S924 \(9009 42a\) Firmware

    OS
    Ibm
    < fw910.10
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2024-45656CRITICAL9.8PL ✓ten sam produkt

Statyczne poświadczenia w IBM Flexible Service Processor umożliwiają eskalację uprawnień

CVE-2021-38960HIGH7.5ten sam produkt

IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X...

CVE-2025-36035MEDIUM6.7ten sam produkt

IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40...

CVE-2022-22488MEDIUM4.9ten sam produkt

IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deletin...

CVE-2021-29891MEDIUM4.9ten sam produkt

IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that...

CVE-2018-1992 — Ibm — Power System Ac922 \(8335-Gtg\) — MEDIUM — CVSS 6.4 | CVEbaza.pl