CVE-2023-25518

MEDIUM Year: 2023
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-923
View all →

Vulnerability Description

NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity.

Related Vulnerabilities

CVE-2022-43916

MEDIUM
CVSS:6.8(Medium)

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do ...

CWE-9232022

CVE-2024-6222

HIGH
CVSS:7.0(High)

In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC...

CWE-9232024

CVE-2024-39537

MEDIUM
CVSS:6.5(Medium)

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause ...

CWE-9232024

CVE-2023-28971

HIGH
CVSS:7.2(High)

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the timescaledb feature of Juniper Networks Paragon Active Assurance (PAA) (Formerly Netrounds) allows an attack...

CWE-9232023

CVE-2024-36252

MEDIUM
CVSS:6.3(Medium)

Improper restriction of communication channel to intended endpoints issue exists in Ricoh Streamline NX PC Client ver.3.6.x and earlier. If this vulnerability is exploited, arbitrary code may be execu...

CWE-9232024