How severe is CVE-2024-38433?

CVE-2024-38433 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2024-38433

6.7MEDIUM

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the

Veröffentlicht: 7/11/2024Aktualisiert: 11/21/2024

Beschreibung

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution.

KI-AnalyseKI-gestützt

Betroffene Produkte

nuvotonnpcm750r_firmware

nuvotonnpcm750r

nuvotonnpcm710r_firmware

nuvotonnpcm710r

nuvotonnpcm730r_firmware

nuvotonnpcm730r

nuvotonnpcm705r_firmware

nuvotonnpcm705r

Referenzen

https://www.gov.il/en/Departments/faq/cve_advisories
Third Party Advisory
https://www.gov.il/en/Departments/faq/cve_advisories
Third Party Advisory