Security Advisory

CVE-2024-38433

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-11 07:50:45

Last updated 2024-08-02 04:12:24

Assigner INCD

State PUBLISHED

Description

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution.

← Browse all CVEs View on cve.org ↗