Lucene search

AMIVULNRICHMENT:CVE-2023-34470

HistorySep 12, 2023 - 3:21 p.m.

CVE-2023-34470 Improper access control

2023-09-1215:21:58

CWE-284

AMI

github.com

cve-2023-34470

improper access control

bios vulnerability

ami aptiov

loss of confidentiality

loss of integrity

loss of availability

CVSS3

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.

References

9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023007.pdf

CVSS3

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Related for VULNRICHMENT:CVE-2023-34470