Lucene search

[email protected]CVE-2023-28064

HistoryJun 23, 2023 - 11:15 a.m.

CVE-2023-28064

2023-06-2311:15:09

CWE-787

[email protected]

web.nvd.nist.gov

dell

bios

out-of-bounds write

vulnerability

nvd

cve-2023-28064

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.2%

JSON

Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.

Affected configurations

NVD

Node

dellalienware_m15_r6_firmwareRange<1.22.1

AND

dellalienware_m15_r6Match-

Node

dellalienware_m15_r7_firmwareRange<1.17.0

AND

dellalienware_m15_r7Match-

Node

dellchengming_3900_firmwareRange<1.13.0

AND

dellchengming_3900Match-

Node

dellchengming_3901_firmwareRange<1.13.0

AND

dellchengming_3901Match-

Node

dellg15_5510_firmwareRange<1.19.0

AND

dellg15_5510Match-

Node

dellg15_5511_firmwareRange<1.22.1

AND

dellg15_5511Match-

Node

dellg15_5520_firmwareRange<1.17.0

AND

dellg15_5520Match-

Node

dellinspiron_14_5418_firmwareRange<2.19.1

AND

dellinspiron_14_5418Match-

Node

dellinspiron_14_5410_firmwareRange<2.19.1

AND

dellinspiron_14_5410Match-

Node

dellinspiron_14_plus_7420_firmwareRange<1.13.0

AND

dellinspiron_14_plus_7420Match-

Node

dellinspiron_15_3511_firmwareRange<1.22.1

AND

dellinspiron_15_3511Match-

Node

dellinspiron_15_5510_firmwareRange<2.19.1

AND

dellinspiron_15_5510Match-

Node

dellinspiron_15_5518_firmwareRange<2.19.1

AND

dellinspiron_15_5518Match-

Node

dellinspiron_16_7620_2-in-1_firmwareRange<1.12.1

AND

dellinspiron_16_7620_2-in-1Match-

Node

dellinspiron_16_plus_7620_firmwareRange<1.13.0

AND

dellinspiron_16_plus_7620Match-

Node

dellinspiron_3511_firmwareRange<1.22.1

AND

dellinspiron_3511Match-

Node

dellinspiron_3520_firmwareRange<1.15.0

AND

dellinspiron_3520Match-

Node

dellinspiron_3891_firmwareRange<1.18.1

AND

dellinspiron_3891Match-

Node

dellinspiron_3910_firmwareRange<1.13.0

AND

dellinspiron_3910Match-

Node

dellinspiron_5310_firmwareRange<2.20.1

AND

dellinspiron_5310Match-

Node

dellinspiron_5320_firmwareRange<1.11.1

AND

dellinspiron_5320Match-

Node

dellinspiron_5410_firmwareRange<2.19.1

AND

dellinspiron_5410Match-

Node

dellinspiron_5420_firmwareRange<1.14.1

AND

dellinspiron_5420Match-

Node

dellinspiron_5620_firmwareRange<1.14.1

AND

dellinspiron_5620Match-

Node

dellinspiron_7420_firmwareRange<1.12.1

AND

dellinspiron_7420Match-

Node

dellinspiron_7510_firmwareRange<1.16.1

AND

dellinspiron_7510Match-

Node

dellinspiron_7610_firmwareRange<1.16.1

AND

dellinspiron_7610Match-

Node

delllatitude_3120_firmwareRange<1.17.2

AND

delllatitude_3120Match-

Node

delllatitude_3320_firmwareRange<1.22.2

AND

delllatitude_3320Match-

Node

delllatitude_3330_firmwareRange<1.13.0

AND

delllatitude_3330Match-

Node

delllatitude_3420_firmwareRange<1.29.0

AND

delllatitude_3420Match-

Node

delllatitude_3430_firmwareRange<1.10.1

AND

delllatitude_3430Match-

Node

delllatitude_3520_firmwareRange<1.29.0

AND

delllatitude_3520Match-

Node

delllatitude_3530_firmwareRange<1.10.1

AND

delllatitude_3530Match-

Node

delllatitude_5320_firmwareRange<1.28.1

AND

delllatitude_5320Match-

Node

delllatitude_5330_firmwareRange<1.13.1

AND

delllatitude_5330Match-

Node

delllatitude_5520_firmwareRange<1.28.1

AND

delllatitude_5520Match-

Node

delllatitude_5530_firmwareRange<1.13.2

AND

delllatitude_5530Match-

Node

delllatitude_5531_firmwareRange<1.14.1

AND

delllatitude_5531Match-

Node

delllatitude_7330_firmwareRange<1.14.1

AND

delllatitude_7330Match-

Node

delllatitude_7430_firmwareRange<1.14.1

AND

delllatitude_7430Match-

Node

delllatitude_7530_firmwareRange<1.14.1

AND

delllatitude_7530Match-

Node

delllatitude_rugged_5430_firmwareRange<1.18.1

AND

delllatitude_rugged_5430Match-

Node

delllatitude_rugged_7330_firmwareRange<1.18.1

AND

delllatitude_rugged_7330Match-

Node

delloptiplex_3000_firmwareRange<1.13.1

AND

delloptiplex_3000Match-

Node

delloptiplex_5000_firmwareRange<1.13.1

AND

delloptiplex_5000Match-

Node

delloptiplex_5400_firmwareRange<1.1.28

AND

delloptiplex_5400Match-

Node

delloptiplex_7000_firmwareRange<1.13.1

AND

delloptiplex_7000Match-

Node

delloptiplex_7000_oem_firmwareRange<1.13.1

AND

delloptiplex_7000_oemMatch-

Node

delloptiplex_7400Match-

AND

delloptiplex_7400_firmwareRange<1.1.28

Node

delloptiplex_7410_all-in-oneMatch-

AND

delloptiplex_7410_all-in-one_firmwareRange<1.4.1

Node

dellprecision_3560Match-

AND

dellprecision_3560_firmwareRange<1.28.1

Node

dellprecision_3570Match-

AND

dellprecision_3570_firmwareRange<1.13.2

Node

dellprecision_3571Match-

AND

dellprecision_3571_firmwareRange<1.14.1

Node

dellprecision_5760Match-

AND

dellprecision_5760_firmwareRange<1.20.1

Node

dellprecision_5770Match-

AND

dellprecision_5770_firmwareRange<1.17.1

Node

dellvostro_3420Match-

AND

dellvostro_3420_firmwareRange<1.15.0

Node

dellvostro_3510Match-

AND

dellvostro_3510_firmwareRange<1.22.1

Node

dellvostro_3520Match-

AND

dellvostro_3520_firmwareRange<1.15.0

Node

dellvostro_3910Match-

AND

dellvostro_3910_firmwareRange<1.13.0

Node

dellvostro_5310Match-

AND

dellvostro_5310_firmwareRange<2.20.1

Node

dellvostro_5320_firmwareRange<1.11.1

AND

dellvostro_5320Match-

Node

dellvostro_5410_firmwareRange<2.19.1

AND

dellvostro_5410Match-

Node

dellvostro_5510_firmwareRange<2.19.1

AND

dellvostro_5510Match-

Node

dellvostro_5620_firmwareRange<1.14.1

AND

dellvostro_5620Match-

Node

dellvostro_7510_firmwareRange<1.16.1

AND

dellvostro_7510Match-

Node

dellvostro_7620_firmwareRange<1.13.0

AND

dellvostro_7620Match-

Node

dellxps_13_9315_2-in-1_firmwareRange<1.8.1

AND

dellxps_13_9315_2-in-1Match-

Node

dellxps_17_9710_firmwareRange<1.20.1

AND

dellxps_17_9710Match-

Node

dellxps_17_9720_firmwareRange<1.17.1

AND

dellxps_17_9720Match-

CPENameOperatorVersion
dell:alienware_m15_r6_firmwaredell alienware m15 r6 firmwarelt1.22.1

CPE	Name	Operator	Version
dell:alienware_m15_r6_firmware	dell alienware m15 r6 firmware	lt	1.22.1

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "CPG BIOS",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.2%

JSON

Related for CVE-2023-28064

cvelist1 prion1 nvd1