mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
952 B
952 B
CVE-2024-38433
%20BootBlock&color=blue)
Description
Nuvoton - CWE-305: Authentication Bypass by Primary WeaknessAn attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlockreference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary codeexecution.
POC
Reference
Github
No PoCs found on GitHub currently.