CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32280
https://notcve.org/view.php?id=CVE-2023-32280
14 Feb 2024 — Insufficiently protected credentials in some Intel(R) Server Product OpenBMC firmware before versions egs-1.05 may allow an unauthenticated user to enable information disclosure via network access. Las credenciales insuficientemente protegidas en algunos firmware OpenBMC de productos de servidor Intel(R) anteriores a las versiones egs-1.05 pueden permitir que un usuario no autenticado habilite la divulgación de información a través del acceso a la red. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.8EPSS: 0%CPEs: 82EXPL: 0CVE-2022-29277
https://notcve.org/view.php?id=CVE-2022-29277
15 Nov 2022 — Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses. Fixed in: INTEL Purley-R: 05.21.51.0048 Whitley: 05.42.23.0066 Cedar Island: 05.42.11.0021 Eagle Stream: 05.44.25.0052 Greenlow/Greenlow-R(skylake/kabylake): Trunk Mehlow/Mehlow-R (CoffeeLake-S): Trunk Tatlow (RKL-S): Trunk Denverton: 05.10.12.0042 Sno... • https://www.insyde.com/security-pledge • CWE-787: Out-of-bounds Write •