CVE-2023-37296
EUVD-2023-4120309.01.2024, 23:15
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ami | megarac_sp-x | 12 ≤ 𝑥 < 12.7 |
| ami | megarac_sp-x | 13 ≤ 𝑥 < 13.6 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| ami | megarac_spx | 12 ≤ 𝑥 < 12.7 | CNA |
| ami | megarac_spx | 13 ≤ 𝑥 < 13.6 | CNA |
Common Weakness Enumeration
- CWE-121 - Stack-based Buffer OverflowA stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.