CVE-2023-31100
First published: Tue Nov 14 2023(Updated: )
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: * from 4.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before 4.4.0.217 * from 4.5.0.0 before 4.5.0.138
Credit: 22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Phoenix Securecore Technology | >=4.3.0.0<4.3.0.203 | |
| Phoenix Securecore Technology | >=4.3.1.0<4.3.1.163 | |
| Phoenix Securecore Technology | >=4.4.0.0<4.4.0.217 | |
| Phoenix Securecore Technology | >=4.5.0.0<4.5.0.138 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-31100.
What is the title of the vulnerability?
The title of the vulnerability is 'Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification.'
What is the severity of CVE-2023-31100?
The severity of CVE-2023-31100 is high with a CVSS score of 8.4.
What software versions are affected by CVE-2023-31100?
SecureCore™ Technology™ 4 versions 4.3.0.0 - 4.3.0.203, 4.3.1.0 - 4.3.1.163, 4.4.0.0 - 4.4.0.217, and 4.5.0.0 - 4.5.0.138 are affected by CVE-2023-31100.
How can I fix CVE-2023-31100?
To fix CVE-2023-31100, it is recommended to update SecureCore™ Technology™ 4 to version 4.5.0.138 or later.
- collector/mitre-cve
- collector/nvd-api
- vendor/phoenix
- product/securecore technology
- canonical/phoenix securecore technology