First published: Tue Nov 14 2023(Updated: )
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: * from 4.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before 4.4.0.217 * from 4.5.0.0 before 4.5.0.138
Credit: 22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de
Affected Software | Affected Version | How to fix |
---|---|---|
Phoenix Securecore Technology | >=4.3.0.0<4.3.0.203 | |
Phoenix Securecore Technology | >=4.3.1.0<4.3.1.163 | |
Phoenix Securecore Technology | >=4.4.0.0<4.4.0.217 | |
Phoenix Securecore Technology | >=4.5.0.0<4.5.0.138 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-31100.
The title of the vulnerability is 'Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification.'
The severity of CVE-2023-31100 is high with a CVSS score of 8.4.
SecureCore™ Technology™ 4 versions 4.3.0.0 - 4.3.0.203, 4.3.1.0 - 4.3.1.163, 4.4.0.0 - 4.4.0.217, and 4.5.0.0 - 4.5.0.138 are affected by CVE-2023-31100.
To fix CVE-2023-31100, it is recommended to update SecureCore™ Technology™ 4 to version 4.5.0.138 or later.