Lucene search

K
cvePhoenixCVE-2023-5058
HistoryDec 07, 2023 - 11:15 p.m.

CVE-2023-5058

2023-12-0723:15:07
CWE-20
Phoenix
web.nvd.nist.gov
33
23
cve-2023-5058
improper input validation
user-supplied splash screen
system boot
phoenix securecore™ technology™ 4
denial-of-service attacks
arbitrary code execution
nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

9.8%

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code execution.

Affected configurations

Nvd
Node
phoenixsecurecore_technologyMatch4.0
VendorProductVersionCPE
phoenixsecurecore_technology4.0cpe:2.3:o:phoenix:securecore_technology:4.0:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "SecureCore™ Technology™ 4",
    "vendor": "Phoenix",
    "versions": [
      {
        "status": "affected",
        "version": "4.0"
      }
    ]
  }
]

Social References

More

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

9.8%

Related for CVE-2023-5058