CVE-2026-0438
Vulnerability Description
A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system’s confidentiality, integrity, and availability.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-1072
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!