CVE-2023-45231

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 16, 2024
Updated: Mar 13, 2024
CWE ID 125

Summary

CVE-2023-45231 is a vulnerability in EDK2's Network Package that allows for an out-of-bounds read when processing Neighbor Discovery Redirect messages. This vulnerability affects multiple products, including l5knKa, cEpWag, uy6KJn, and others. Exploiting this vulnerability could lead to unauthorized access and potentially result in a loss of confidentiality. The vulnerability has a base severity rating of MEDIUM with a base score of 6.5 according to NVD@nist.gov. It requires no privileges and no user interaction, and the attack vector is through an adjacent network. The confidentiality impact is rated as HIGH, with an impact score of 3.6. No detailed remediation information or analysis description is provided in the available information.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-45231 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options