CVE-2023-45237

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 16, 2024

Updated: Mar 7, 2024

CWE ID 338

Summary

CVE-2023-45237 is a vulnerability affecting EDK2's Network Package. The issue involves a predictable TCP Initial Sequence Number, making it susceptible to attacks. An attacker can exploit this vulnerability to gain unauthorized access, potentially resulting in a loss of Confidentiality. This issue could lead to significant security risks if not addressed promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TianoCore EDK II

Affected Vendors

Tianocore

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s5u8uE
https://www.cve.org/CVERecord?id=CVE-2023-45237
https://nvd.nist.gov/vuln/detail/CVE-2023-45237

Back to Vulnerability Database