Vulnerabilities > CVE-2023-37296 - Out-of-bounds Write vulnerability in AMI Megarac Sp-X 12/13

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

ami

CWE-787

NVD

Published: 2024-01-09

Updated: 2024-01-12

Summary

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

Vulnerable Configurations

Part	Description	Count
OS	Ami AMI Megarac SP X 12 AMI Megarac SP X 13	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf