HIGH🇬🇧 English

CVE-2023-31100

CVSS 8.4v3.1pub. 2023-11-15upd. 2025-09-25

Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: * from 4.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before 4.4.0.217 * from 4.5.0.0 before 4.5.0.138

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
  • Phoenixtech Securecore Technology

    OS
    Phoenixtech
    4.3.0.0 – 4.3.0.203 (bez)4.3.1.0 – 4.3.1.163 (bez)4.4.0.0 – 4.4.0.217 (bez)4.5.0.0 – 4.5.0.138 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-0762HIGH7.5ten sam produkt

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platform...

CVE-2024-1598HIGH7.5ten sam produkt

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.Thi...

CVE-2023-5058HIGH7.8ten sam produkt

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix Secur...

CVE-2024-29979MEDIUM4.6ten sam produkt

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake,...

CVE-2024-29980MEDIUM4.6ten sam produkt

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake,...