CVE-2023-38485

MEDIUM Year: 2023
CVSS v3 Score
6.4
Medium
Weakness Type
CWE-787
View all →

Vulnerability Description

Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways that could allow an attacker to execute arbitrary code early in the boot sequence. An attacker could exploit this vulnerability to gain access to and change underlying sensitive information in the affected controller leading to complete system compromise.

Related Vulnerabilities

CVE-2018-21093

MEDIUM
CVSS:6.4(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before ...

CWE-7872018

CVE-2019-1193

MEDIUM
CVSS:6.4(Medium)

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitr...

CWE-7872019

CVE-2022-32266

MEDIUM
CVSS:6.4(Medium)

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacen...

CWE-7872022

CVE-2022-42783

MEDIUM
CVSS:6.4(Medium)

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

CWE-7872022

CVE-2022-44448

MEDIUM
CVSS:6.4(Medium)

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

CWE-7872022

CVE-2022-47365

MEDIUM
CVSS:6.4(Medium)

In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.

CWE-7872022