Latest Ami Vulnerabilities

CVE-2023-3043
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a ...
Ami Megarac Sp-x>=12<12.7
Ami Megarac Sp-x>=13<13.6
CVE-2023-37297
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confi...
Ami Megarac Sp-x>=12<12.7
Ami Megarac Sp-x>=13<13.6
CVE-2023-37296
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of co...
Ami Megarac Sp-x>=12<12.7
Ami Megarac Sp-x>=13<13.6
CVE-2023-37295
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of c...
Ami Megarac Sp-x>=12<12.7
Ami Megarac Sp-x>=13<13.6
CVE-2023-37293
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of c...
Ami Megarac Sp-x>=12<12.7
Ami Megarac Sp-x>=13<13.6
CVE-2023-34333
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network. A successful exploitation of this vulnerability may lead t...
Ami Megarac Sp-x>=12<12.7
Ami Megarac Sp-x>=13<13.6
CVE-2023-37294
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of...
Ami Megarac Sp-x>=12<12.7
Ami Megarac Sp-x>=13<13.6
CVE-2023-34332
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to...
Ami Megarac Sp-x>=12<12.7
Ami Megarac Sp-x>=13<13.6
CVE-2023-39538
Failure when uploading a Logo image file
CVE-2023-39539
Failure when uploading a Logo image file
Ami Aptio V
CVE-2023-39537
Improper input validation in BIOS TCG2
Ami Aptio V
CVE-2023-39536
Improper input validation in BIOS OFBD
Ami Aptio V
CVE-2023-39535
Improper input validation in BIOS
Ami Aptio V
CVE-2023-34470
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. A successful exploit of this vulnerability may lead to a loss of confidentialit...
Ami Aptio V
CVE-2023-34469
AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network. A successful exploit of this vulnerability may lead to a loss of confidentia...
Ami Aptio V
CVE-2023-34329
AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confident...
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2023-34330
AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Extension interface. A successful exploit of this vulnerability may lead to a lo...
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2023-34473
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, ...
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2023-34472
AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of i...
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2023-34338
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss...
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2023-34471
AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerabil...
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2023-34337
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may l...
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2023-34336
AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of ...
Ami Megarac Sp-x>=12.0<12.7
Ami Megarac Sp-x>=13.0<13.5
CVE-2023-34334
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, informati...
Ami Megarac Sp-x>=12.0<12.7
Ami Megarac Sp-x>=13.0<13.5
CVE-2023-34343
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, informati...
Ami Megarac Sp-x>=12.0<12.7
Ami Megarac Sp-x>=13.0<13.5
CVE-2023-34342
AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileg...
Ami Megarac Sp-x>=12.0<12.7
Ami Megarac Sp-x>=13.0<13.5
CVE-2023-34335
AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections. An exploitation of this vulnerability ma...
Ami Megarac Spx>=12.0<12.7
Ami Megarac Spx>=13.0<13.5
CVE-2023-34341
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to arbitrary locations within the memory context of the IPMI server process, whi...
Ami Megarac Sp-x>=12.0<12.7
Ami Megarac Sp-x>=13.0<13.5
CVE-2023-34344
AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username, which may lead to information disclosure.
Ami Megarac Sp-x>=12.0<12.7
Ami Megarac Sp-x>=13.0<13.5
CVE-2023-34345
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to information disclosure.
Ami Megarac Sp-x>=12.0<12.7
Ami Megarac Sp-x>=13.0<13.5
CVE-2023-28863
AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity.
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
=12
=13
CVE-2023-25192
AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2023-25191
AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx_12-update-7.00 and SPx_13-update-5.00.
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2022-40258
AMI Megarac Weak password hashes for Redfish & API
Ami Megarac Spx-12<7.00
Ami Megarac Spx-13<5.00
CVE-2022-26872
AMI Megarac Password reset interception via API
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2022-40242
MegaRAC Default Credentials Vulnerability
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2022-40259
MegaRAC Default Credentials Vulnerability
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2022-2827
AMI MegaRAC User Enumeration Vulnerability
Ami Megarac Sp-x=12
Ami Megarac Sp-x=13
CVE-2022-40262
A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosur...
Ami Aptio V=5.0
Intel Server Board M10jnp2sb Firmware
Intel Server Board M10jnp2sb
CVE-2022-26873
A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosur...
Intel Nuc M15 Laptop Kit Lapbc510 Firmware
Intel Nuc M15 Laptop Kit Lapbc510
Intel Nuc M15 Laptop Kit Lapbc710 Firmware
Intel Nuc M15 Laptop Kit Lapbc710
Ami Aptio V=5.0
CVE-2022-40250
An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) an...
Intel Nuc M15 Laptop Kit Lapbc510 Firmware=bc0074
Intel Nuc M15 Laptop Kit Lapbc510
Intel Nuc M15 Laptop Kit Lapbc710 Firmware=bc0074
Intel Nuc M15 Laptop Kit Lapbc710
Ami Aptio V=5.0
CVE-2022-40261
An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) an...
Intel Nuc M15 Laptop Kit Lapbc510 Firmware
Intel Nuc M15 Laptop Kit Lapbc510
Intel Nuc M15 Laptop Kit Lapbc710 Firmware
Intel Nuc M15 Laptop Kit Lapbc710
Ami Aptio V=5.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203