CVE-2023-32453 | THREATINT

Description

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.

PUBLISHED Reserved 2023-05-09 | Published 2023-08-16 | Updated 2024-10-02 | Assigner dell

MEDIUM: 4.6CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Problem types

CWE-287: Improper Authentication

Product status

Default status

unaffected

All versions

affected

References

www.dell.com/...n-us/000215217/dsa-2023-190-dell-client-bios vendor-advisory

cve.org (CVE-2023-32453)

nvd.nist.gov (CVE-2023-32453)

Download JSON

help @ threatint.eu