Infinite Loop Vulnerability in EDK2's Network Package: Exploiting IPv6 Destination Options Header Parsing
CVE-2023-45232 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.
Learn more about our Network Penetration Testing.