CVE-2023-37297
heap memory overflow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
El SPx de AMI contiene una vulnerabilidad en el BMC donde un atacante puede conllevar una corrupción de la memoria de la pila a través de una red adyacente. Una explotación exitosa de esta vulnerabilidad puede conducir a una pérdida de confidencialidad, integridad y/o disponibilidad.
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-06-30 CVE Reserved
- 2024-01-09 CVE Published
- 2024-08-02 CVE Updated
- 2025-02-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ami Search vendor "Ami" | Megarac Sp-x Search vendor "Ami" for product "Megarac Sp-x" | >= 12 < 12.7 Search vendor "Ami" for product "Megarac Sp-x" and version " >= 12 < 12.7" | - |
Affected
| ||||||
| Ami Search vendor "Ami" | Megarac Sp-x Search vendor "Ami" for product "Megarac Sp-x" | >= 13 < 13.6 Search vendor "Ami" for product "Megarac Sp-x" and version " >= 13 < 13.6" | - |
Affected
| ||||||