Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-25537

🗓️ 22 May 2023 10:48:45Reported by dellType 
cve
 cve🔗 web.nvd.nist.gov👁 39 Views

Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
Circl		CVE-2023-25537
22 May 202314:25
circl
CNNVD		Dell PowerEdge Server BIOS 缓冲区错误漏洞
22 May 202300:00
cnnvd
Cvelist		CVE-2023-25537
22 May 202310:48
cvelist
EUVD		EUVD-2023-29489
3 Oct 202520:07
euvd
NVD		CVE-2023-25537
22 May 202311:15
nvd
OSV		CVE-2023-25537
22 May 202311:15
osv
Prion		Privilege escalation
22 May 202311:15
prion
Positive Technologies		PT-2023-8776 · Dell · Dell Precision Bios +1
22 May 202300:00
ptsecurity
Vulnrichment		CVE-2023-25537
22 May 202310:48
vulnrichment
NVD
Vulners
Node
dellpoweredge_r740_firmwareRange<2.18.1
AND
dellpoweredge_r740Match-
Node
dellpoweredge_r740xd_firmwareRange<2.18.1
AND
dellpoweredge_r740xdMatch-
Node
dellpoweredge_r640_firmwareRange<2.18.1
AND
dellpoweredge_r640Match-
Node
dellpoweredge_r940_firmwareRange<2.18.1
AND
dellpoweredge_r940Match-
Node
dellpoweredge_r540_firmwareRange<2.18.1
AND
dellpoweredge_r540Match-
Node
dellpoweredge_r440_firmwareRange<2.18.1
AND
dellpoweredge_r440Match-
Node
dellpoweredge_t440_firmwareRange<2.18.1
AND
dellpoweredge_t440Match-
Node
dellpoweredge_xr2_firmwareRange<2.18.1
AND
dellpoweredge_xr2Match-
Node
dellpoweredge_r740xd2_firmwareRange<2.18.1
AND
dellpoweredge_r740xd2Match-
Node
dellpoweredge_r840_firmwareRange<2.18.1
AND
dellpoweredge_r840Match-
Node
dellpoweredge_r940xa_firmwareRange<2.18.1
AND
dellpoweredge_r940xaMatch-
Node
dellpoweredge_t640_firmwareRange<2.18.1
AND
dellpoweredge_t640Match-
Node
dellpoweredge_c6420_firmwareRange<2.18.1
AND
dellpoweredge_c6420Match-
Node
dellpoweredge_fc640_firmwareRange<2.18.1
AND
dellpoweredge_fc640Match-
Node
dellpoweredge_m640_firmwareRange<2.18.1
AND
dellpoweredge_m640Match-
Node
dellpoweredge_mx740c_firmwareRange<2.18.1
AND
dellpoweredge_mx740cMatch-
Node
dellpoweredge_mx840c_firmwareRange<2.18.1
AND
dellpoweredge_mx840cMatch-
Node
dellpoweredge_c4140_firmwareRange<2.18.1
AND
dellpoweredge_c4140Match-
Node
delldss_8440_firmwareRange<2.18.1
AND
delldss_8440Match-
Node
dellpoweredge_xe2420_firmwareRange<2.18.1
AND
dellpoweredge_xe2420Match-
Node
dellpoweredge_xe7420_firmwareRange<2.18.1
AND
dellpoweredge_xe7420Match-
Node
dellpoweredge_xe7440_firmwareRange<2.18.1
AND
dellpoweredge_xe7440Match-
Node
dellemc_storage_nx3240_firmwareRange<2.18.1
AND
dellemc_storage_nx3240Match-
Node
dellemc_storage_nx3340_firmwareRange<2.18.1
AND
dellemc_storage_nx3340Match-
Node
dellemc_xc_core_6420_firmwareRange<2.18.1
AND
dellemc_xc_core_6420Match-
Node
dellemc_xc_core_xc640_firmwareRange<2.18.1
AND
dellemc_xc_core_xc640Match-
Node
dellemc_xc_core_xc740xd_firmwareRange<2.18.1
AND
dellemc_xc_core_xc740xdMatch-
Node
dellemc_xc_core_xc740xd2_firmwareRange<2.18.1
AND
dellemc_xc_core_xc740xd2Match-
Node
dellemc_xc_core_xc940_firmwareRange<2.18.1
AND
dellemc_xc_core_xc940Match-
Node
dellemc_xc_core_xcxr2_firmwareRange<2.18.1
AND
dellemc_xc_core_xcxr2Match-
[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "BIOS",
      "PowerEdge R740",
      "PowerEdge R740XD",
      "PowerEdge R640",
      "PowerEdge R940",
      "PowerEdge R540",
      "PowerEdge R440",
      "PowerEdge T440",
      "PowerEdge XR2",
      "PowerEdge R740xD2",
      "PowerEdge R840",
      "PowerEdge R940xa",
      "PowerEdge T640",
      "PowerEdge C6420",
      "PowerEdge FC640",
      "PowerEdge M640",
      "PowerEdge M640 (for PE VRTX)",
      "PowerEdge MX740c",
      "PowerEdge MX840c",
      "PowerEdge C4140",
      "DSS 8440",
      "PowerEdge XE2420",
      "PowerEdge XE7420",
      "PowerEdge XE7440",
      "Dell EMC Storage NX3240",
      "Dell EMC Storage NX3340",
      "Dell EMC XC Core 6420 System",
      "Dell EMC XC Core XC640 System",
      "Dell EMC XC Core XC740xd System",
      "Dell EMC XC Core XC740xd2",
      "Dell EMC XC Core XC940 System",
      "Dell EMC XC Core XCXR2"
    ],
    "product": "PowerEdge Platform",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "Versions prior to 2.18.1 "
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 07:49Current
7.9High risk
Vulners AI Score7.9
CVSS 3.16.1 - 7.8
EPSS0.00049
SSVC
CWE-787
cve-2023-25537dellpoweredge14gbiosout of bounds writevulnerabilitysmramsystem management modearbitrary code executionprivilege escalationnvd
39