How severe is CVE-2024-38433?

CVE-2024-38433 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2024-38433

6.7MEDIUM

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the

公開日: 7/11/2024更新日: 11/21/2024

説明

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution.

AI分析AIによる分析

影響を受ける製品

nuvotonnpcm750r_firmware

nuvotonnpcm750r

nuvotonnpcm710r_firmware

nuvotonnpcm710r

nuvotonnpcm730r_firmware

nuvotonnpcm730r

nuvotonnpcm705r_firmware

nuvotonnpcm705r

参照

https://www.gov.il/en/Departments/faq/cve_advisories
Third Party Advisory
https://www.gov.il/en/Departments/faq/cve_advisories
Third Party Advisory