CVE-2023-31100

Summary

CVE-2023-31100 is a critical access control vulnerability affecting the SMI handler in Phoenix SecureCore™ Technology™ 4. This issue permits SPI flash modification, which can be exploited by unauthorized users. The vulnerability impacts multiple versions of SecureCore™ Technology™ 4, specifically from 4.3.0.0 to 4.3.0.202, 4.3.1.0 to 4.3.1.162, 4.4.0.0 to 4.4.0.216, and 4.5.0.0 to 4.5.0.137. A successful exploit could result in significant data loss or unauthorized system modification. Users are advised to apply the relevant patches as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.