CVE-2023-34336: Buffer Overflow
First published: Mon Jun 12 2023(Updated: )
AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges.
Credit: biossecurity@ami.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ami Megarac Sp-x | >=12.0<12.7 | |
| Ami Megarac Sp-x | >=13.0<13.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-34336?
CVE-2023-34336 is a vulnerability in the IPMI handler of AMI BMC that allows an attacker with the required privileges to cause a buffer overflow, which can result in code execution, denial of service, or escalation of privileges.
What is the severity of CVE-2023-34336?
The severity of CVE-2023-34336 is high with a CVSS score of 8.8.
Which software is affected by CVE-2023-34336?
AMI Megarac Sp-x versions 12.0 to 12.7 and versions 13.0 to 13.5 are affected by CVE-2023-34336.
How can an attacker exploit CVE-2023-34336?
An attacker with the required privileges can exploit CVE-2023-34336 by causing a buffer overflow in the IPMI handler of AMI BMC.
Is there a fix available for CVE-2023-34336?
Yes, a fix is available for CVE-2023-34336. Please refer to the reference link for more information.
- collector/nvd-index
- vendor/ami
- canonical/ami megarac sp-x
- version/ami megarac sp-x/12.0
- version/ami megarac sp-x/13.0