Skip to main content

Securecore Technology

8 CVEs product

Monthly

CVE-2024-12533 LOW Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore Technology 4 allows Input Data Manipulation.0.1.0 before 4.0.1.1018, from 4.1.0.1 before 4.1.0.573, from. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Securecore Technology
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2024-29980 MEDIUM Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Securecore Technology
NVD
CVSS 4.0
4.6
EPSS
0.1%
CVE-2024-29979 MEDIUM Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Securecore Technology
NVD
CVSS 4.0
4.6
EPSS
0.1%
CVE-2024-1598 HIGH This Week

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before 4.1.0.567. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Stack Overflow Securecore Technology
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0762 HIGH POC This Week

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Intel Securecore Technology
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-5058 HIGH This Week

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Securecore Technology
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-31100 HIGH This Week

Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Securecore Technology
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2019-18279 HIGH This Week

In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Securecore Technology
NVD
CVSS 3.1
8.8
EPSS
1.3%
EPSS 0% CVSS 3.3
LOW Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore Technology 4 allows Input Data Manipulation.0.1.0 before 4.0.1.1018, from 4.1.0.1 before 4.1.0.573, from. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Securecore Technology
NVD
EPSS 0% CVSS 4.6
MEDIUM Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Securecore Technology
NVD
EPSS 0% CVSS 4.6
MEDIUM Monitor

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake,. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Securecore Technology
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before 4.1.0.567. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Stack Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Intel Securecore Technology
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Securecore Technology
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Securecore Technology
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Securecore Technology
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy