Lucene search

AMICVE-2023-34469

HistorySep 12, 2023 - 4:15 p.m.

CVE-2023-34469

2023-09-1216:15:09

CWE-284

AMI

web.nvd.nist.gov

ami

aptiov

bios

vulnerability

cve-2023-34469

access control

network

exploit

confidentiality

CVSS3

4.9

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

0.001

Percentile

20.7%

JSON

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network. A successful exploit of this vulnerability may lead to a loss of confidentiality.

Affected configurations

Nvd

Node

amiaptio_v

VendorProductVersionCPE
amiaptio_v*cpe:2.3:o:ami:aptio_v:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ami	aptio_v	*	cpe:2.3:o:ami:aptio_v::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "AptioV",
    "vendor": "AMI",
    "versions": [
      {
        "status": "affected",
        "version": "*"
      }
    ]
  }
]

References

9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023007.pdf

CVSS3

4.9

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

0.001

Percentile

20.7%

JSON

Related for CVE-2023-34469