{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T16:54:03.449","vulnerabilities":[{"cve":{"id":"CVE-2024-33659","sourceIdentifier":"biossecurity@ami.com","published":"2025-02-11T15:15:17.200","lastModified":"2025-10-02T14:35:03.623","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation by a local attacker. Successful exploitation of these vulnerabilities may lead to overwriting arbitrary memory and execute arbitrary code at SMM level, also impacting Confidentiality, Integrity, and Availability."},{"lang":"es","value":"AMI APTIOV contiene una vulnerabilidad en BIOS donde un atacante puede provocar una validación de entrada incorrecta por parte de un atacante local. La explotación exitosa de estas vulnerabilidades puede provocar la sobrescritura de memoria arbitraria y la ejecución de código arbitrario a nivel de SMM, lo que también afecta la confidencialidad, la integridad y la disponibilidad."}],"metrics":{"cvssMetricV40":[{"source":"biossecurity@ami.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0}]},"weaknesses":[{"source":"biossecurity@ami.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ami:aptio_v:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0","versionEndExcluding":"5.038","matchCriteriaId":"66B5321D-288B-4FB3-95CD-F185660D96CF"}]}]}],"references":[{"url":"https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2025/AMI-SA-2025002.pdf","source":"biossecurity@ami.com","tags":["Vendor Advisory"]}]}}]}