CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

[UPDATE] [high] EDK2 NetworkPkg IP stack implementation: Multiple vulnerabilities

highCVE-2023-45229CVE-2023-45230CVE-2023-45231CVE-2023-45232CVE-2023-45233CVE-2023-45234
An attacker from the adjacent network or a remote, anonymous attacker can exploit multiple vulnerabilities in the EDK2 NetworkPkg IP stack implementation to execute arbitrary program code, disclose confidential information, and trigger a denial of service condition.

CSIRTS triage

What
Multiple vulnerabilities allow an attacker to execute arbitrary code, disclose confidential information, and trigger a denial of service condition.
Who is affected
Adjacent network or remote, anonymous attackers can exploit these vulnerabilities.
Urgency
High urgency for remediation due to the severity and potential impact of exploitation.
Action
Update to the latest version of EDK2 NetworkPkg to address these vulnerabilities.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch EDK2 NetworkPkg

Get an email when a new EDK2 NetworkPkg advisory drops — max one per day, one-click unsubscribe.

Details

Source
CERT-Bund (BSI) Security Advisories (DE · national-cert · site)
Severity
high
Published
2026-07-10
Exploitation
Not in CISA KEV at last sync
Language
Machine-translated to English — verify against the original

Original advisory: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0126

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2023-45229coverage & exploitation statusNVD · CVE.org
CVE-2023-45230coverage & exploitation statusNVD · CVE.org
CVE-2023-45231coverage & exploitation statusNVD · CVE.org
CVE-2023-45232coverage & exploitation statusNVD · CVE.org
CVE-2023-45233coverage & exploitation statusNVD · CVE.org
CVE-2023-45234coverage & exploitation statusNVD · CVE.org
CVE-2023-45235coverage & exploitation statusNVD · CVE.org
CVE-2023-45236coverage & exploitation statusNVD · CVE.org
CVE-2023-45237coverage & exploitation statusNVD · CVE.org

More from CERT-Bund (BSI) Security Advisories