Buffer Overflow Vulnerability in EDK2's Network Package via Long Server ID Option in DHCPv6 Client

Buffer Overflow Vulnerability in EDK2's Network Package via Long Server ID Option in DHCPv6 Client

CVE-2023-45230 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.

Learn more about our Cis Benchmark Audit For Server Software.