Buffer Overflow Vulnerability in Dell PowerEdge and Precision BIOS
CVE-2023-32461

6.7MEDIUM

Key Information:

Vendor: Dell
Status: PowerEdge Platform
Vendor: CVE Published:; 15 September 2023

Summary

Dell PowerEdge and Precision BIOS are affected by a buffer overflow vulnerability, enabling a local user with high privileges to exploit the flaw. This exploitation can lead to memory corruption, allowing unauthorized elevation of privileges, thus posing significant security risks to systems utilizing these BIOS versions.

Affected Version(s)

PowerEdge Platform PowerEdge R660 Versions prior to 1.5.6

PowerEdge Platform PowerEdge R660 Versions prior to 1.1.3

PowerEdge Platform PowerEdge R660 Versions prior to 1.1.4

References

https://www.dell.com/support/kbdoc/en-us/000216543/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 15, 2023
Vulnerability Reserved
May 9, 2023