CVE Published: 12/06/2023 |
CVE Updated: 02/08/2024 |
CVE Year: 2023 Source: AMI |
Vendor: AMI |
Product: MegaRAC_SPx Status : PUBLISHED
CVE-2023-34335 Description
AMI BMC contains a vulnerability in the IPMI handler, where an
unauthenticated host is allowed to write to a host SPI flash, bypassing secure
boot protections. An exploitation of this vulnerability may lead to a loss of
integrity or denial of service.
Metrics
CVSS Version: 3.1 |
Base Score: 7.7 HIGH Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H