CVE-2023-37293— stack-based buffer overflow

CVSS 9.6 · Critical EPSS 0.04% · P11 Updated Jul 05, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-37293

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

stack-based buffer overflow

Source: NVD (National Vulnerability Database)

Vulnerability Description

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

栈缓冲区溢出

Source: NVD (National Vulnerability Database)

Vulnerability Title

AMI MegaRAC SPx 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

AMI MegaRAC是AMI公司的一系列服务处理器产品。可独立于操作系统状态或位置对计算机系统进行完整的带外或无灯光远程管理，以对计算机进行故障排除并确保服务的连续性。 AMI MegaRAC SPx 存在安全漏洞。攻击者可能会通过相邻网络导致基于堆栈的缓冲区溢出。成功利用此漏洞可能会导致机密性、完整性和可用性丧失。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
AMI	MegaRAC_SPx	12 ~ 12.7	-

II. Public POCs for CVE-2023-37293

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-37293

Please Login to view more intelligence information

Same Patch Batch · AMI · 2024-01-09 · 8 CVEs total

CVE-2023-3043	9.6 CRITICAL	Stack-based Buffer Overflow BMC
CVE-2023-37294	8.3 HIGH	Heap-based Buffer Overflow
CVE-2023-37295	8.3 HIGH	Heap-based Buffer Overflow
CVE-2023-37296	8.3 HIGH	Stack-based Buffer Overflow
CVE-2023-37297	8.3 HIGH	heap memory overflow
CVE-2023-34332	7.8 HIGH	Untrusted Pointer Dereference in BMC
CVE-2023-34333	7.8 HIGH	Untrusted Pointer Dereference

IV. Related Vulnerabilities

Same product: MegaRAC_SPx

Same vendor: AMI

Same weakness: CWE-121

V. Comments for CVE-2023-37293

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-37293— stack-based buffer overflow

I. Basic Information for CVE-2023-37293

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2023-37293

III. Intelligence Information for CVE-2023-37293

Same Patch Batch · AMI · 2024-01-09 · 8 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-37293

Leave a comment