CVE-2023-2993

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jun 26, 2023
Updated: Jul 5, 2023
CWE ID 125

Summary

CVE-2023-2993 is a vulnerability affecting SMM v1, SMM v2, and FPC web management servers. Authenticated users with limited privileges can exploit this issue by making specific API calls. Although they don't have the necessary permissions, these users can execute a restricted set of commands, potentially leading to unintended system changes.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share