Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-11	CVE-2024-38433	Improper Authentication vulnerability in Nuvoton products Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution. local low complexity nuvoton CWE-287	6.7