CVE-2023-28376 MEDIUM

CVE-2023-28376

Vendor N/A
Product Intel(R) E810 Ethernet Controllers and Adapters
Weakness CWE-125
Published November 14, 2023
Last update February 13, 2025

CVSS base score

6.5/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Key dates

02Disclosure timeline

November 14, 2023 CVE published
February 13, 2025 Record updated