CVE-2024-38433
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness
An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock
reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code
execution.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Nuvoton · NPCM7xx (Poleg) BootBlockQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →