CVE-2023-32475 | THREATINT

Description

Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.

Reserved 2023-05-09 | Published 2024-06-07 | Updated 2024-08-02 | Assigner dell

HIGH: 7.6CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Problem types

CWE-353: Missing Support for Integrity Check

Product status

Default status

unaffected

Any version before 2.6.0

affected

Any version before 1.13.0

affected

Any version before 2.16.0

unaffected

Any version before 1.15.0

affected

Any version before 1.16.0

affected

Any version before 1.9.0

affected

Any version before 1.5.0

affected

Any version before 1.18.0

affected

Any version before 1.8.0

affected

Any version before 1.15.1

affected

Any version before 1.12.0

affected

Any version before 1.17.0

affected

Any version before 1.14.0

affected

Any version before 1.19.0

affected

References

www.dell.com/...ecurity-update-for-an-amd-bios-vulnerability vendor-advisory

cve.org (CVE-2023-32475)

nvd.nist.gov (CVE-2023-32475)

Download JSON