PT-2023-28430 · Unknown · Bootloader

Publicado

2023-12-04

·

Atualizado

2023-12-08

·

CVE-2023-42561

CVSS v3.1

7.1

Alta

VetorAV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Bootloader versions prior to SMR Dec-2023 Release 1
Description A heap out-of-bounds write issue allows a physical attacker to execute arbitrary code. This issue can be exploited by a physical attacker.
Recommendations For versions prior to SMR Dec-2023 Release 1, update to SMR Dec-2023 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting physical access to devices until a patch is applied.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2023-42561

Produtos afetados

Bootloader