Buffer Over-Read Vulnerability in Dell BSAFE Crypto-C Micro Edition and Related Products

CVE-2023-28074

7.1HIGH

Key Information

Vendor: Dell
Status: Dell Bsafe Micro Edition Suite; Dell Bsafe Crypto-c Micro Edition
Vendor: CVE Published:; 31 July 2024

Summary

Dell BSAFE Crypto-C Micro Edition, version 4.1.5, and Dell BSAFE Micro Edition Suite, versions 4.0 through 4.6.1 and version 5.0, contains an Out-of-bounds Read vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

Affected Version(s)

Dell BSAFE Micro Edition Suite = 5.0

Dell BSAFE Micro Edition Suite <= 4.6.1

Dell BSAFE Crypto-C Micro Edition <= 4.1.5

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: 7.1 to: 6.2 - (MEDIUM)
Aug 20, 2024
Vulnerability published.
Jul 31, 2024
Vulnerability Reserved.
Mar 10, 2023

Collectors

NVD DatabaseMitre Database