How severe is CVE-2024-38433?

CVE-2024-38433 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2024-38433

6.7MEDIUM

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the

发布于: 7/11/2024更新于: 11/21/2024

描述

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution.

AI分析AI驱动

受影响产品

nuvotonnpcm750r_firmware

nuvotonnpcm750r

nuvotonnpcm710r_firmware

nuvotonnpcm710r

nuvotonnpcm730r_firmware

nuvotonnpcm730r

nuvotonnpcm705r_firmware

nuvotonnpcm705r

参考资料

https://www.gov.il/en/Departments/faq/cve_advisories
Third Party Advisory
https://www.gov.il/en/Departments/faq/cve_advisories
Third Party Advisory