VDB

CVE-2023-45231

CVE-2023-45231 PUBLISHED CVSS 6.5 MEDIUM

EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.

EPSS 0.15% · 34.7th percentile

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
0.15%
34.7th percentile

Affected Products

VendorProductVersions
ABBABB APC3100 <1.45
ABBB&R Industrial Automation GmbH APC3100 <1.45
ABBB&R Industrial Automation GmbH PPC3100 <1.45
ABBB&R Industrial Automation GmbH APC910 <=1.25
ABBB&R Industrial Automation GmbH APC2200 <1.35
ABBB&R Industrial Automation GmbH C80 <1.14
ABBABB MPC3100 <1.24
ABBABB PPC2200 <1.35
ABBB&R Industrial Automation GmbH MPC3100 <1.24
ABBABB APC910 <=1.25
ABBABB PPC1200 <1.14
ABBABB C80 <1.14
ABBABB APC2200 <1.35
ABBB&R Industrial Automation GmbH PPC1200 <1.14
ABBB&R Industrial Automation GmbH PPC2200 <1.35
ABBB&R Industrial Automation GmbH APC4100 <1.09
ABBABB PPC3100 <1.45
ABBABB PPC900 <2.16
ABBB&R Industrial Automation GmbH PPC900 <2.16
ABBABB APC4100 <1.09

Exploit Intelligence

Timeline

  • Jan 16, 2024 CVE Published
  • Jan 24, 2024 EPSS Score
  • Feb 21, 2024 EPSS Score
  • Mar 20, 2024 EPSS Score
  • Apr 16, 2024 EPSS Score
  • May 14, 2024 EPSS Score
  • Jun 11, 2024 EPSS Score
  • Jul 9, 2024 EPSS Score
  • Aug 6, 2024 EPSS Score
  • Sep 3, 2024 EPSS Score
  • Sep 30, 2024 EPSS Score
  • Oct 28, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›