CVE-2023-39251

6.7MEDIUM

Key Information:

Vendor: Dell
Status: CPG BIOS
Vendor: CVE Published:; 22 December 2023

Summary

Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.

Affected Version(s)

CPG BIOS Inspiron 7510 Versions prior to 1.20.0

CPG BIOS Inspiron 7510 Versions prior to 1.23.0

CPG BIOS Inspiron 7510 Versions prior to 1.27.0

References

https://www.dell.com/support/kbdoc/en-us/000217707/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 22, 2023
Vulnerability Reserved
Jul 26, 2023

Credit

Dell Technologies would like to thank Eason for reporting this issue.