{"uuid": "7ee92dcd-7441-44f7-9bbb-a7b9d65efba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40547", "type": "seen", "source": "https://t.me/arpsyndicate/4809", "content": "#ExploitObserverAlert\n\nCVE-2023-40547\n\nDESCRIPTION: Exploit Observer has 2078 entries in 42 file formats related to CVE-2023-40547. A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully.\n\nFIRST-EPSS: 0.005410000\nNVD-IS: 6.0\nNVD-ES: 1.6\nARPS-PRIORITY: 0.9632835", "creation_timestamp": "2024-04-24T20:07:29.000000Z"}