VDB

CVE-2023-45235

CVE-2023-45235 PUBLISHED CVSS 8.300000190734863 HIGH

EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.

EPSS 0.43% · 63.0th percentile

Risk Scores

CVSS 3.1
8.300000190734863
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C
EPSS Score
0.43%
63.0th percentile

Affected Products

VendorProductVersions
ABBB&R Industrial Automation GmbH APC3100 <1.45
ABBABB PPC900 <2.16
ABBABB C80 <1.14
ABBABB APC2200 <1.35
ABBABB PPC3100 <1.45
ABBABB PPC2200 <1.35
ABBB&R Industrial Automation GmbH APC4100 <1.09
ABBB&R Industrial Automation GmbH PPC3100 <1.45
ABBB&R Industrial Automation GmbH APC2200 <1.35
ABBB&R Industrial Automation GmbH MPC3100 <1.24
ABBABB PPC1200 <1.14
ABBABB MPC3100 <1.24
ABBB&R Industrial Automation GmbH APC910 <=1.25
ABBB&R Industrial Automation GmbH C80 <1.14
ABBB&R Industrial Automation GmbH PPC2200 <1.35
ABBABB APC4100 <1.09
ABBABB APC3100 <1.45
ABBB&R Industrial Automation GmbH PPC900 <2.16
ABBABB APC910 <=1.25
ABBB&R Industrial Automation GmbH PPC1200 <1.14

Exploit Intelligence

Timeline

  • Jan 16, 2024 CVE Published
  • Jan 24, 2024 EPSS Score
  • Feb 21, 2024 EPSS Score
  • Mar 20, 2024 EPSS Score
  • Apr 16, 2024 EPSS Score
  • May 14, 2024 EPSS Score
  • Jun 11, 2024 EPSS Score
  • Jul 9, 2024 EPSS Score
  • Aug 6, 2024 EPSS Score
  • Sep 30, 2024 EPSS Score
  • Oct 28, 2024 EPSS Score
  • Nov 25, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›