Improper Input Validation in Dell BIOS
CVE-2023-32480

6.8MEDIUM

Key Information:

Vendor: Dell
Status: Cpg BiOS
Vendor: CVE Published:; 23 June 2023

Summary

Dell BIOS is affected by an improper input validation vulnerability, allowing unauthenticated physical attackers to potentially exploit this flaw. By leveraging this vulnerability, attackers could execute arbitrary code, posing significant risks to system integrity and security. It is crucial for users to update their BIOS firmware promptly to mitigate the associated risks.

Affected Version(s)

CPG BIOS All Versions

References

https://www.dell.com/support/kbdoc/en-us/000214779/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 23, 2023
Vulnerability Reserved
May 9, 2023