CVE-2022-28806 — HIGH (7.8)

Q: How severe is CVE-2022-28806?

CVE-2022-28806 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-28806?

Check the references section above for vendor advisories and patch information. Affected products include: Fujitsu Lifebook A3510 Firmware, Fujitsu Lifebook A3510, Fujitsu Lifebook U9310 Firmware, Fujitsu Lifebook U9310, Fujitsu Lifebook U7511 Firmware.

Vulnerability Description

An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), v2.30 (U7511/U7411/U7311), v2.33 (U9311), v2.23 (E5510), v2.19 (U7510/U7410), v2.13 (U7310), and v1.09 (E459/E449). The FjGabiFlashCoreAbstractionSmm driver registers a Software System Management Interrupt (SWSMI) handler that is not sufficiently validated to ensure that the CommBuffer (or any other communication buffer's nested contents) are not pointing to SMRAM contents. A potential attacker can therefore write fixed data to SMRAM, which could lead to data corruption inside this memory (e.g., change the SMI handler's code or modify SMRAM map structures to break input pointer validation for other SMI handlers). Thus, the attacker could elevate privileges from ring 0 to ring -2 and execute arbitrary code in SMM.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Fujitsu	Lifebook A3510 Firmware	< 1.09
Fujitsu	Lifebook A3510	-
Fujitsu	Lifebook U9310 Firmware	< 2.17
Fujitsu	Lifebook U9310	-
Fujitsu	Lifebook U7511 Firmware	< 2.30
Fujitsu	Lifebook U7511	-
Fujitsu	Lifebook U7411 Firmware	< 2.30
Fujitsu	Lifebook U7411	-
Fujitsu	Lifebook U7311 Firmware	< 2.30
Fujitsu	Lifebook U7311	-
Fujitsu	Lifebook U9311 Firmware	<= 2.33
Fujitsu	Lifebook U9311	-
Fujitsu	Lifebook E5510 Firmware	< 2.23
Fujitsu	Lifebook E5510	-
Fujitsu	Lifebook U7510 Firmware	< 2.19
Fujitsu	Lifebook U7510	-
Fujitsu	Lifebook U7410 Firmware	< 2.19
Fujitsu	Lifebook U7410	-
Fujitsu	Lifebook U7310 Firmware	< 2.13
Fujitsu	Lifebook U7310	-

Related Weaknesses (CWE)

CWE-787

References

http://www.fmworld.net/biz/common/insyde/20220210/Vendor Advisory
https://kb.cert.org/vuls/id/796611Third Party AdvisoryUS Government Resource
https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FCCL-IS-202Vendor Advisory
https://www.binarly.io/advisoriesExploitThird Party Advisory
http://www.fmworld.net/biz/common/insyde/20220210/Vendor Advisory
https://kb.cert.org/vuls/id/796611Third Party AdvisoryUS Government Resource
https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FCCL-IS-202Vendor Advisory
https://www.binarly.io/advisoriesExploitThird Party Advisory
https://www.kb.cert.org/vuls/id/796611

FAQ

What is CVE-2022-28806?

CVE-2022-28806 is a vulnerability with a CVSS score of 7.8 (HIGH). An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), ...

How severe is CVE-2022-28806?

CVE-2022-28806 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-28806?

Check the references section above for vendor advisories and patch information. Affected products include: Fujitsu Lifebook A3510 Firmware, Fujitsu Lifebook A3510, Fujitsu Lifebook U9310 Firmware, Fujitsu Lifebook U9310, Fujitsu Lifebook U7511 Firmware.