Back to CVE List

CVE-2026-0438

Vulnerability Description

A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system’s confidentiality, integrity, and availability.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-1072
Source
NVD

External References

Discussion (0)

Add Comment

No comments yet. Be the first!