Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

AMI — Vulnerabilities & Security Advisories 60

Browse all 60 CVE security advisories affecting AMI. AI-powered Chinese analysis, POCs, and references for each vulnerability.

AMI, formerly American Megatrends, primarily develops BIOS firmware and embedded software for enterprise servers, workstations, and IoT devices. Its extensive codebase has historically exposed numerous security flaws, resulting in approximately 60 recorded Common Vulnerabilities and Exposures. These defects predominantly involve remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation or improper access controls within the firmware interfaces. Notable incidents include critical flaws allowing attackers to bypass authentication mechanisms or execute arbitrary commands with elevated privileges, potentially compromising system integrity. The company has addressed many of these issues through firmware updates, yet the complexity of legacy systems continues to pose risks. Security researchers frequently highlight the importance of regular patching and secure configuration practices to mitigate these persistent threats associated with AMI’s widely deployed infrastructure components.

Found 21 results / 60Clear Filters
Top products by AMI: AptioV MegaRAC_SPx Aptio MegaRAC SPx12 MegaRAC SPx-12 MegaRAC_SPx12 MegaRAC-SPx
CVE IDTitleCVSSSeverityPublished
CVE-2023-37297 heap memory overflow — MegaRAC_SPxCWE-122 8.3 High2024-01-09
CVE-2023-37296 Stack-based Buffer Overflow — MegaRAC_SPxCWE-121 8.3 High2024-01-09
CVE-2023-37295 Heap-based Buffer Overflow — MegaRAC_SPxCWE-122 8.3 High2024-01-09
CVE-2023-37294 Heap-based Buffer Overflow — MegaRAC_SPxCWE-122 8.3 High2024-01-09
CVE-2023-37293 stack-based buffer overflow — MegaRAC_SPxCWE-121 9.6 Critical2024-01-09
CVE-2023-34333 Untrusted Pointer Dereference — MegaRAC_SPxCWE-822 7.8 High2024-01-09
CVE-2023-3043 Stack-based Buffer Overflow BMC — MegaRAC_SPxCWE-121 9.6 Critical2024-01-09
CVE-2023-34332 Untrusted Pointer Dereference in BMC — MegaRAC_SPxCWE-822 7.8 High2024-01-09
CVE-2023-34473 Usage of Hard-coded Credentials — MegaRAC_SPxCWE-798 6.6 Medium2023-07-05
CVE-2023-34472 AMI MegaRAC 安全漏洞 — MegaRAC_SPxCWE-113 5.7 Medium2023-07-05
CVE-2023-34471 Missing Cryptographic Step — MegaRAC_SPxCWE-325 6.3 Medium2023-07-05
CVE-2023-34338 hard coded cryptographic key — MegaRAC_SPxCWE-321 7.1 High2023-07-05
CVE-2023-34337 Inadequate Encryption Strength — MegaRAC_SPxCWE-326 7.6 High2023-07-05
CVE-2023-34336 BMC AMI 安全漏洞 — MegaRAC_SPxCWE-120 8.1 High2023-06-12
CVE-2023-34335 BMC AMI 访问控制错误漏洞 — MegaRAC_SPxCWE-288 7.7 High2023-06-12
CVE-2023-34334 BMC AMI 操作系统命令注入漏洞 — MegaRAC_SPxCWE-78 7.2 High2023-06-12
CVE-2023-34343 BMC AMI 操作系统命令注入漏洞 — MegaRAC_SPxCWE-78 7.2 High2023-06-12
CVE-2023-34342 BMC AMI 路径遍历漏洞 — MegaRAC_SPxCWE-22 6.0 Medium2023-06-12
CVE-2023-34341 BMC AMI 缓冲区错误漏洞 — MegaRAC_SPxCWE-119 7.2 High2023-06-12
CVE-2023-34345 BMC AMI 路径遍历漏洞 — MegaRAC_SPxCWE-22 6.5 Medium2023-06-12
CVE-2023-34344 A vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username — MegaRAC_SPxCWE-203 5.3 Medium2023-06-12

This page lists every published CVE security advisory associated with AMI. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.