{"id":"https://openalex.org/W4288057751","doi":"https://doi.org/10.1109/sp46214.2022.9833723","title":"Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static Analysis","display_name":"Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static Analysis","publication_year":2022,"publication_date":"2022-05-01","ids":{"openalex":"https://openalex.org/W4288057751","doi":"https://doi.org/10.1109/sp46214.2022.9833723"},"language":"en","primary_location":{"id":"doi:10.1109/sp46214.2022.9833723","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833723","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084474343","display_name":"Jiawei Yin","orcid":null},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jiawei Yin","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","Beijing Key Laboratory of Network Security and Protection Technology","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101852727","display_name":"Menghao Li","orcid":"https://orcid.org/0000-0002-5333-7630"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Menghao Li","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","Beijing Key Laboratory of Network Security and Protection Technology","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060749834","display_name":"Wei Wu","orcid":"https://orcid.org/0000-0001-7335-2638"},"institutions":[{"id":"https://openalex.org/I4210160618","display_name":"Huawei Technologies (United Kingdom)","ror":"https://ror.org/056gzgs71","country_code":"GB","type":"company","lineage":["https://openalex.org/I2250955327","https://openalex.org/I4210160618"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Wei Wu","raw_affiliation_strings":["Huawei Technologies"],"affiliations":[{"raw_affiliation_string":"Huawei Technologies","institution_ids":["https://openalex.org/I4210160618"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101640724","display_name":"Dandan Sun","orcid":"https://orcid.org/0000-0003-4703-821X"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dandan Sun","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","Beijing Key Laboratory of Network Security and Protection Technology","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103174356","display_name":"Jianhua Zhou","orcid":"https://orcid.org/0000-0002-8662-8733"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU","CN"],"is_corresponding":false,"raw_author_name":"Jianhua Zhou","raw_affiliation_strings":["UNSW Sydney","Beijing Key Laboratory of Network Security and Protection Technology","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"UNSW Sydney","institution_ids":["https://openalex.org/I31746571"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050683592","display_name":"Wei Huo","orcid":"https://orcid.org/0009-0000-7121-1196"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU","CN"],"is_corresponding":false,"raw_author_name":"Wei Huo","raw_affiliation_strings":["UNSW Sydney","Beijing Key Laboratory of Network Security and Protection Technology","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"UNSW Sydney","institution_ids":["https://openalex.org/I31746571"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024664385","display_name":"Jingling Xue","orcid":"https://orcid.org/0000-0003-0380-3506"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Jingling Xue","raw_affiliation_strings":["UNSW Sydney"],"affiliations":[{"raw_affiliation_string":"UNSW Sydney","institution_ids":["https://openalex.org/I31746571"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5084474343"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":1.2258,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.81674566,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1623","last_page":"1637"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.993399977684021,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.8792400360107422},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8231222629547119},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.707204282283783},{"id":"https://openalex.org/keywords/callback","display_name":"Callback","score":0.6785948872566223},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.6233108043670654},{"id":"https://openalex.org/keywords/rootkit","display_name":"Rootkit","score":0.5108844637870789},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.5001413822174072},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5000054836273193},{"id":"https://openalex.org/keywords/trusted-computing-base","display_name":"Trusted computing base","score":0.4364235997200012},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.41705191135406494},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.40007781982421875},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3083997368812561},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.29055196046829224},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.1887894570827484}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.8792400360107422},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8231222629547119},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.707204282283783},{"id":"https://openalex.org/C204495577","wikidata":"https://www.wikidata.org/wiki/Q1205349","display_name":"Callback","level":2,"score":0.6785948872566223},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.6233108043670654},{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.5108844637870789},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.5001413822174072},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5000054836273193},{"id":"https://openalex.org/C147346212","wikidata":"https://www.wikidata.org/wiki/Q5492632","display_name":"Trusted computing base","level":4,"score":0.4364235997200012},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.41705191135406494},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.40007781982421875},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3083997368812561},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.29055196046829224},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.1887894570827484},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sp46214.2022.9833723","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833723","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.7900000214576721,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320337504","display_name":"Research and Development","ror":"https://ror.org/027s68j25"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W1969501726","https://openalex.org/W1993682390","https://openalex.org/W2080573945","https://openalex.org/W2138517425","https://openalex.org/W2404006520","https://openalex.org/W2514974017","https://openalex.org/W2516933175","https://openalex.org/W2612128870","https://openalex.org/W2751862727","https://openalex.org/W2753478887","https://openalex.org/W2803054784","https://openalex.org/W2882992559","https://openalex.org/W2891748016","https://openalex.org/W2954101292","https://openalex.org/W2964938167","https://openalex.org/W2978923867","https://openalex.org/W2987375469","https://openalex.org/W3000614974","https://openalex.org/W3015383024","https://openalex.org/W3018180091","https://openalex.org/W3048309924","https://openalex.org/W3139338820","https://openalex.org/W4220977950","https://openalex.org/W4244726870","https://openalex.org/W6713486597","https://openalex.org/W6743674107","https://openalex.org/W6743674419","https://openalex.org/W6765285382","https://openalex.org/W6766922533","https://openalex.org/W6768774651","https://openalex.org/W6776510913"],"related_works":["https://openalex.org/W2885309848","https://openalex.org/W2109584177","https://openalex.org/W2164166646","https://openalex.org/W3114474222","https://openalex.org/W2185582414","https://openalex.org/W3123222728","https://openalex.org/W4310614410","https://openalex.org/W2569220913","https://openalex.org/W2973047281","https://openalex.org/W2352238285"],"abstract_inverted_index":{"The":[0,21],"Unified":[1],"Extensible":[2],"Firmware":[3],"Interface":[4],"(UEFI)":[5],"provides":[6],"a":[7,40,93,141,157,173,192,236,239],"specification":[8],"of":[9,96,108,194],"the":[10,44,114,164,179,232,249,252,261],"software":[11,52],"interface":[12],"between":[13],"an":[14,77],"OS":[15,45],"and":[16,99,118,189,213,223],"its":[17],"underlying":[18],"platform":[19],"firmware.":[20,90],"runtime":[22],"services":[23],"provided":[24],"are":[25,54,124,137],"seemingly":[26],"secure":[27],"as":[28,104,257,266],"they":[29],"reside":[30],"in":[31,88,126,130,185],"System":[32],"Management":[33],"Mode":[34],"(SMM)":[35],"at":[36,47],"ring":[37,48,61,64],"-2,":[38],"assuming":[39],"higher":[41],"privilege":[42,66,70,85,182,208],"than":[43],"kernel":[46],"0.":[49],"However,":[50],"their":[51,101],"vulnerabilities":[53,87,98,129,184,210,247,255,264],"known":[55,258],"to":[56,59,63,234,248],"be":[57],"exploitable":[58],"launch":[60],"0":[62],"-2":[65],"escalation,":[67],"i.e.,":[68],"SMM":[69,84,181,207],"escalation":[71,86,183,209],"attacks.In":[72],"this":[73],"paper,":[74],"we":[75,161],"introduce":[76,162],"effective":[78],"static":[79,122,166],"analysis":[80],"framework":[81],"for":[82,177],"detecting":[83,127],"UEFI":[89,133,186,196],"We":[91,242],"present":[92],"systematic":[94],"study":[95],"such":[97,128,156],"identify":[100],"root":[102],"causes":[103],"being":[105],"two":[106,253],"types":[107],"references":[109,117],"that":[110,145],"can":[111,218,228],"escape":[112],"from":[113,199],"SMRAM,":[115],"legacy":[116],"unintentional":[119],"references.":[120],"Existing":[121],"analyses":[123],"ineffective":[125],"stripped":[131],"COTS":[132],"firmware":[134,187],"images,":[135],"which":[136,169,217],"developed":[138],"based":[139],"on":[140,172],"customized":[142],"callback":[143],"mechanism":[144],"organizes":[146],"callable":[147],"functions":[148],"into":[149,238],"protocols":[150],"identified":[151],"by":[152],"GUIDs.":[153],"By":[154],"leveraging":[155],"callback-based":[158],"programming":[159],"paradigm,":[160],"SPENDER,":[163],"first":[165],"detection":[167],"framework,":[168],"is":[170],"founded":[171],"novel":[174],"protocol-centric":[175],"analysis,":[176],"uncovering":[178],"potential":[180],"efficiently":[188],"precisely.":[190],"For":[191],"total":[193],"1148":[195],"binaries":[197],"collected":[198],"eight":[200],"vendors,":[201,250],"SPENDER":[202],"has":[203],"successfully":[204],"found":[205],"36":[206,246],"(two":[211],"1-day":[212,254],"34":[214,262],"0-day":[215,263],"vulnerabilities),":[216],"cause":[219],"arbitrary":[220,224],"code":[221],"execution":[222],"address":[225],"write":[226],"(and":[227],"thus":[229],"enable,":[230],"e.g.,":[231],"attackers":[233],"install":[235],"bootkit":[237],"flash":[240],"drive).":[241],"have":[243],"reported":[244],"these":[245],"with":[251],"confirmed":[256,265],"previously":[259],"but":[260],"new.":[267]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}