Lucene search
HistoryDec 06, 2023 - 4:15 p.m.
CVE-2023-39538
bios vulnerability
unrestricted upload
bmp logo file
local access
confidentiality
integrity
availability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.
Affected configurations
Node
amiaptio_v
Related
cvelist
cvelist
CVE-2023-39538 Failure when uploading a Logo image file
2023-12-06 15:17:30
prion
prion
Design/Logic Flaw
2023-12-06 16:15:00
cve
cve
CVE-2023-39538
2023-12-06 16:15:07
hp
hp
Certain HP PC BIOS Logo Vulnerabilities
2024-06-28 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2023-39538