Vulnerabilities > CVE-2023-31100 - Unspecified vulnerability in Phoenix Securecore Technology

CVSS 7.1 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

phoenix

NVD

Published: 2023-11-15

Updated: 2024-02-01

Summary

Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: * from 4.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before 4.4.0.217 * from 4.5.0.0 before 4.5.0.138

Vulnerable Configurations

Part	Description	Count
OS	Phoenix Phoenix Securecore Technology 4.5.0.0 Phoenix Securecore Technology 4.4.0.0 Phoenix Securecore Technology 4.3.1.0 Phoenix Securecore Technology 4.3.0.0	4

References

https://www.phoenix.com/security-notifications/