CVE-2023-33017

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 5, 2023

Updated: Apr 12, 2024

CWE ID 120

Summary

CVE-2023-33017 is a memory corruption vulnerability impacting the Boot process during a ListVars test in UEFI Menus. A successful exploit could allow an attacker to manipulate system memory, potentially leading to unintended system behavior or even code execution with kernel-level privileges. This vulnerability could put sensitive data at risk and compromise the system's security. UEFI users are recommended to update their systems as soon as patches become available to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/trbErO
https://www.cve.org/CVERecord?id=CVE-2023-33017
https://nvd.nist.gov/vuln/detail/CVE-2023-33017

Back to Vulnerability Database

CVE-2023-33017

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations