{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T08:16:09.103","vulnerabilities":[{"cve":{"id":"CVE-2025-7026","sourceIdentifier":"cret@cert.org","published":"2025-07-11T16:15:26.897","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values (e.g., '$DB$' or '2DB$'), the function performs arbitrary writes to System Management RAM (SMRAM), leading to potential privilege escalation to System Management Mode (SMM) and persistent firmware compromise."},{"lang":"es","value":"Una vulnerabilidad en el controlador Software SMI (SwSmiInputValue 0xB2) permite a un atacante local controlar el registro RBX, que se utiliza como puntero sin control en la función CommandRcx0. Si el contenido de RBX coincide con ciertos valores esperados (p. ej., '$DB$' o '2DB$'), la función realiza escrituras arbitrarias en la RAM de administración del sistema (SMRAM), lo que puede provocar una escalada de privilegios al modo de administración del sistema (SMM) y una vulnerabilidad persistente del firmware."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0}]},"references":[{"url":"https://kb.cert.org/vuls/id/746790","source":"cret@cert.org"},{"url":"https://www.binarly.io/advisories/brly-dva-2025-008","source":"cret@cert.org"},{"url":"https://www.gigabyte.com/Support/Security","source":"cret@cert.org"},{"url":"https://www.kb.cert.org/vuls/id/746790","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}