CVE-2022-41415

EUVD-2022-44608
Acer Altos W2000h-W570h F4 R01.03.0018 was discovered to contain a stack overflow in the RevserveMem component. This vulnerability allows attackers to cause a Denial of Service (DoS) via injecting crafted shellcode into the NVRAM variable.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
Affected Products (NVD)
VendorProductVersion
aceraltos_w2000h-w570h_f4_firmware
r01.03.0018
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://acer.com
http://altos.com
https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-41415/CVE-2022-41415.md
http://acer.com
http://altos.com
https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-41415/CVE-2022-41415.md