CVE-2023-32467
8.2
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Exploitability: 1.5 / Impact: 6.0
Source: NVD
Description
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege.
Affected (6)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 0.1.19.0 |
| Running on/with | Platform Versions |
|---|---|
Dell Edge Gateway 5000 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 0.1.19.0 |
| Running on/with | Platform Versions |
|---|---|
Dell Edge Gateway 5100 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.05.10 |
| Running on/with | Platform Versions |
|---|---|
Dell Edge Gateway 5200 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Dell Edge Gateway 3200 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 0.1.13.0 |
| Running on/with | Platform Versions |
|---|---|
Dell Xps 13 9350 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 0.1.13.0 |
| Running on/with | Platform Versions |
|---|---|
Dell Chengming 3977 | All versions |
References (2)
Source: security_alert@emc.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.