Vulnerability CVE-2024-38433
Published: 2024-07-11

Description:
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness

An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock

reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code

execution.

Type:

CWE-305

 (Authentication Bypass by Primary Weakness)

 References:
https://www.gov.il/en/Departments/faq/cve_advisories
Copyright 2024, cxsecurity.com

 

Back to Top