BIOS Vulnerability Allows Arbitrary Code Execution with Physical Access
CVE-2023-32475
7.6HIGH
Summary
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.
Affected Version(s)
CPG BIOS < 2.6.0
CPG BIOS < 1.13.0
CPG BIOS >= 2.16.0
CVSS V3.1
Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database