CVE-2024-22247
CVE-2024-22247
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.8EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
02 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability.
A malicious actor with physical access to the SD-WAN Edge appliance
during activation can potentially exploit this vulnerability to access
the BIOS configuration. In addition, the malicious actor may be able to
exploit the default boot priority configured.
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Affected products
N/A · VMware SD-WAN Edge