CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30630 – dmidecode: dump-bin to overwrite a local file
https://notcve.org/view.php?id=CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. A vulnerability was found in dmidecode, which allows -dump-bin to overwrite a local file. This issue may lead to the execution of dmidecode via Sudo. • https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=6ca381c1247c81f74e1ca4e7706f70bdda72e6f2 https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=d8cfbc808f387e87091c25e7d5b8c2bb348bb206 https://github.com/adamreiser/dmiwrite https://lists.nongnu.org/archive/html/dmidecode-devel/2023-03/msg00003.html https://access.redhat.com/security/cve/CVE-2023-30630 https://bugzilla.redhat.com/show_bug.cgi?id=2186669 • CWE-269: Improper Privilege Management •