CVE-2024-36877 PoC — Micro-Star Z-series motherboards和Micro-Star B-series motherboards 安全漏洞

Source

https://github.com/jjensn/CVE-2024-36877

Associated Vulnerability

Title:Micro-Star Z-series motherboards和Micro-Star B-series motherboards 安全漏洞 (CVE-2024-36877)
Description:Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was discovered to contain a write-what-where condition in the in the SW handler for SMI 0xE3. Motherboard's with the following chipsets are affected: Intel 300, Intel 400, Intel 500, Intel 600, Intel 700, AMD 300, AMD 400, AMD 500, AMD 600 and AMD 700.

Description

Exploit POC for CVE-2024-36877

Readme

# CVE-2024-36877
Exploit POC for CVE-2024-36877

Detailed write-up can be found on my blog - https://jjensn.com/at-home-in-your-firmware

File Snapshot


 [4.0K]  /data/pocs/0132349eeccd802cf4fc37c81b5a127296ccc4b5
├── [  84]  addresses.hpp
├── [5.0K]  efitypes.hpp
├── [9.6K]  exploit.cpp
├── [1.4K]  exploit.hpp
├── [ 245]  globals.hpp
├── [ 914]  main.cpp
├── [  12]  main.hpp
├── [ 490]  MSIApServiceSmiExploit.inf
├── [5.3K]  MSIApServiceSmiExploit.vcxproj
├── [2.4K]  MSIApServiceSmiExploit.vcxproj.filters
├── [2.7K]  physmem.cpp
├── [ 813]  physmem.hpp
├── [ 137]  README.md
├── [9.7K]  shellcode.hpp
├── [6.6K]  smst.cpp
├── [ 159]  smst.hpp
└── [1.8K]  types.hpp

0 directories, 17 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!