Lucene search

AMICVELIST:CVE-2023-34469

HistorySep 12, 2023 - 3:21 p.m.

CVE-2023-34469 Cold Rest Vulnerabiltiy

2023-09-1215:21:11

CWE-284

AMI

www.cve.org

cve-2023-34469

cold rest vulnerability

bios

improper access control

physical network

confidentiality loss

CVSS3

4.9

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

20.7%

JSON

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network. A successful exploit of this vulnerability may lead to a loss of confidentiality.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "AptioV",
    "vendor": "AMI",
    "versions": [
      {
        "status": "affected",
        "version": "*"
      }
    ]
  }
]

References

9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023007.pdf

CVSS3

4.9

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

20.7%

JSON

Related for CVELIST:CVE-2023-34469