First published: Wed Dec 06 2023(Updated: )
AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.
Credit: biossecurity@ami.com
Affected Software | Affected Version | How to fix |
---|---|---|
AMI Aptio V |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-39539 has a significant severity as it can lead to a loss of Confidentiality, Integrity, and Availability.
To mitigate CVE-2023-39539, update the AMI Aptio V BIOS to the latest version provided by the vendor.
CVE-2023-39539 affects users of AMI Aptio V BIOS versions that allow unrestricted upload of PNG logo files.
An attacker exploiting CVE-2023-39539 could potentially upload dangerous PNG files leading to unauthorized access and system compromise.
Yes, local access is required to exploit CVE-2023-39539, as it involves uploading a file to the BIOS.