Lucene search
22d9ba52-f336-4b0d-bf1f-0efbdcc3c1deCVE-2023-5058HistoryDec 07, 2023 - 11:15 p.m.
CVE-2023-5058
2023-12-0723:15:07
CWE-20
22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de
web.nvd.nist.gov
29
23
cve-2023-5058
improper input validation
user-supplied splash screen
system boot
phoenix securecore™ technology™ 4
denial-of-service attacks
arbitrary code execution
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.9%
Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code execution.
Affected configurations
Node
phoenixsecurecore_technologyMatch4.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| phoenix:securecore_technology | phoenix securecore technology | eq | 4.0 |
CNA Affected
[
{
"defaultStatus": "affected",
"product": "SecureCore™ Technology™ 4",
"vendor": "Phoenix",
"versions": [
{
"status": "affected",
"version": "4.0"
}
]
}
]References
Social References
More
Related
cvelist
cvelist
CVE-2023-5058
2023-12-07 22:29:05
nvd
nvd
CVE-2023-5058
2023-12-07 23:15:07
prion
prion
Input validation
2023-12-07 23:15:00
cert
cert
Image files in UEFI can be abused to modify boot behavior
2023-12-06 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.9%
Related for CVE-2023-5058