Uncaught Exception in Intel products - CVE-2023-35123
Published: August 20, 2024
Vulnerability identifier: #VU96246
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-35123
CWE-ID: CWE-248
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
4th Generation Intel Xeon Scalable Processors
5th Generation Intel Xeon Scalable processors
OpenBMC
4th Generation Intel Xeon Scalable Processors
5th Generation Intel Xeon Scalable processors
OpenBMC
Detailed vulnerability description
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to an uncaught exception in the OpenBMC firmware. A remote user can send specially crafted traffic to the system and perform a denial of service (DoS) attack.
How to mitigate CVE-2023-35123
Install updates from vendor's website.