CVE-2023-34335
First published: Mon Jun 12 2023(Updated: )
AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections. An exploitation of this vulnerability may lead to a loss of integrity or denial of service.
Credit: biossecurity@ami.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ami Megarac Spx | >=12.0<12.7 | |
| Ami Megarac Spx | >=13.0<13.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this AMI BMC vulnerability?
The vulnerability ID for this AMI BMC vulnerability is CVE-2023-34335.
What is the title of this vulnerability?
The title of this vulnerability is 'AMI BMC contains a vulnerability in the IPMI handler where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections.'
What is the severity of vulnerability CVE-2023-34335?
The severity of vulnerability CVE-2023-34335 is critical.
What is the affected software?
The affected software is AMI Megarac SPX versions 12.0 to 12.7 and versions 13.0 to 13.5.
How can this vulnerability be exploited?
Exploiting this vulnerability may lead to a loss of integrity or denial of service.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/weakness
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/ami
- canonical/ami megarac spx
- version/ami megarac spx/12.0
- version/ami megarac spx/13.0