Lucene search
HistoryAug 16, 2023 - 8:15 p.m.
CVE-2023-32453
dell
bios
authentication
vulnerability
uefi
security
4.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
4.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.
Affected configurations
Node
dellalienware_m15_r7_firmwareRange<1.18.0
dellalienware_m15_r7Match-
Node
dellalienware_m16_firmwareRange<1.10.1
dellalienware_m16Match-
Node
dellalienware_m18_firmwareRange<1.10.1
dellalienware_m18Match-
Node
dellchengming_3900_firmwareRange<1.15.0
dellchengming_3900Match-
Node
dellchengming_3901_firmwareRange<1.15.0
dellchengming_3901Match-
Node
dellchengming_3910_firmwareRange<1.6.0
dellchengming_3910Match-
Node
dellchengming_3911_firmwareRange<1.6.0
dellchengming_3911Match-
Node
dellg15_5520_firmwareRange<1.18.0
dellg15_5520Match-
Node
dellg16_7620_firmwareRange<1.18.0
dellg16_7620Match-
Node
dellg3_3500_firmwareRange<1.26.0
dellg3_3500Match-
Node
dellg5_15_5500_firmwareRange<1.26.0
dellg5_15_5500Match-
Node
dellg7_15_7500_firmwareRange<1.26.0
dellg7_15_7500Match-
Node
dellg7_17_7700_firmwareRange<1.26.0
dellg7_17_7700Match-
Node
dellprecision_5680_firmwareRange<1.4.1
dellprecision_5680Match-
Node
dellinspiron_14_5410_firmwareRange<2.20.0
dellinspiron_14_5410Match-
Node
dellinspiron_14_5418_firmwareRange<2.20.0
dellinspiron_14_5418Match-
Node
dellinspiron_15_3511_firmwareRange<1.23.0
dellinspiron_15_3511Match-
Node
dellinspiron_15_5510_firmwareRange<2.20.0
dellinspiron_15_5510Match-
Node
dellinspiron_15_5518_firmwareRange<2.20.0
dellinspiron_15_5518Match-
Node
dellinspiron_24_5420_all-in-one_firmwareRange<1.4.0
dellinspiron_24_5420_all-in-oneMatch-
Node
dellinspiron_24_5421_all-in-one_firmwareRange<1.4.0
dellinspiron_24_5421_all-in-oneMatch-
Node
dellinspiron_27_7720_all-in-one_firmwareRange<1.4.0
dellinspiron_27_7720_all-in-oneMatch-
Node
dellinspiron_3020_small_desktop_firmwareRange≤1.6.0
dellinspiron_3020_small_desktopMatch-
Node
dellinspiron_3020_desktop_firmwareRange<1.6.0
dellinspiron_3020_desktopMatch-
Node
dellinspiron_3493_firmwareRange<1.27.0
dellinspiron_3493Match-
Node
dellinspiron_3511_firmwareRange<1.23.0
dellinspiron_3511Match-
Node
dellinspiron_3593_firmwareRange<1.27.0
dellinspiron_3593Match-
Node
dellinspiron_3793_firmwareRange<1.27.0
dellinspiron_3793Match-
Node
dellinspiron_3891_firmwareRange<1.19.0
dellinspiron_3891Match-
Node
dellinspiron_3910_firmwareRange<1.15.0
dellinspiron_3910Match-
Node
dellinspiron_5410_firmwareRange<2.20.0
dellinspiron_5410Match-
Node
dellinspiron_5493_firmwareRange<1.27.0
dellinspiron_5493Match-
Node
dellinspiron_5593_firmwareRange<1.27.0
dellinspiron_5593Match-
Node
dellinspiron_7300_2-in-1_firmwareRange<1.19.0
dellinspiron_7300_2-in-1Match-
Node
dellinspiron_7490_firmwareRange<1.22.0
dellinspiron_7490Match-
Node
dellinspiron_7500_firmwareRange<1.24.0
dellinspiron_7500Match-
Node
dellinspiron_7500_2-in-1_black_firmwareRange<1.19.0
dellinspiron_7500_2-in-1_blackMatch-
Node
dellinspiron_7501_firmwareRange<1.24.0
dellinspiron_7501Match-
Node
dellinspiron_7510_firmwareRange<1.17.0
dellinspiron_7510Match-
Node
dellinspiron_7610_firmwareRange<1.17.0
dellinspiron_7610Match-
Node
delllatitude_3140_firmwareRange<1.8.0
delllatitude_3140Match-
Node
delllatitude_3301_firmwareRange<1.27.0
delllatitude_3301Match-
Node
delllatitude_3320_firmwareRange<1.23.0
delllatitude_3320Match-
Node
delllatitude_3330_firmwareRange<1.15.0
delllatitude_3330Match-
Node
delllatitude_3340_firmwareRange<1.6.0
delllatitude_3340Match-
Node
delllatitude_3400_firmwareRange<1.29.0
delllatitude_3400Match-
Node
delllatitude_3430_firmwareRange<1.12.0
delllatitude_3430Match-
Node
delllatitude_3440_firmwareRange<1.6.0
delllatitude_3440Match-
Node
delllatitude_3500_firmwareRange<1.29.0
delllatitude_3500Match-
Node
delllatitude_3530_firmwareRange<1.12.0
delllatitude_3530Match-
Node
delllatitude_3540_firmwareRange<1.6.0
delllatitude_3540Match-
Node
delllatitude_5420_firmwareRange<1.30.0
delllatitude_5420Match-
Node
delllatitude_5430_firmwareRange<1.15.0
delllatitude_5430Match-
Node
delllatitude_5431_firmwareRange<1.15.0
delllatitude_5431Match-
Node
delllatitude_7230_rugged_extreme_tablet_firmwareRange<1.8.0
delllatitude_7230_rugged_extreme_tabletMatch-
Node
delllatitude_7320_firmwareRange<1.28.0
delllatitude_7320Match-
Node
delllatitude_7420_firmwareRange<1.28.0
delllatitude_7420Match-
Node
delllatitude_7520_firmwareRange<1.28.0
delllatitude_7520Match-
Node
delllatitude_9330_firmwareRange<1.13.0
delllatitude_9330Match-
Node
delllatitude_9520_firmwareRange<1.24.0
delllatitude_9520Match-
Node
delllatitude_rugged_5430_firmwareRange<1.20.0
delllatitude_rugged_5430Match-
Node
delllatitude_rugged_7330_firmwareRange<1.20.0
delllatitude_rugged_7330Match-
Node
delloptiplex_3000_firmwareRange<1.15.0
delloptiplex_3000Match-
Node
delloptiplex_3000_thin_client_firmwareRange<1.11.0
delloptiplex_3000_thin_clientMatch-
Node
delloptiplex_5000_firmwareRange<1.15.0
delloptiplex_5000Match-
Node
delloptiplex_5090_firmwareRange<1.19.0
delloptiplex_5090Match-
Node
delloptiplex_5400_all-in-one_firmwareRange<1.1.30
delloptiplex_5400_all-in-oneMatch-
Node
delloptiplex_5490_all-in-one_firmwareRange<1.23.0
delloptiplex_5490_all-in-oneMatch-
Node
delloptiplex_7000_firmwareRange<1.15.0
delloptiplex_7000Match-
Node
delloptiplex_7090_firmwareRange<1.19.0
delloptiplex_7090Match-
Node
delloptiplex_7400_all-in-one_firmwareRange<1.1.30
delloptiplex_7400_all-in-oneMatch-
Node
delloptiplex_7490_all-in-one_firmwareRange<1.23.0
delloptiplex_7490_all-in-oneMatch-
Node
delloptiplex_7410_all-in-one_firmwareRange<1.6.0
delloptiplex_7410_all-in-oneMatch-
Node
delloptiplex_micro_plus_7010_firmwareRange<1.6.0
delloptiplex_micro_plus_7010Match-
Node
delloptiplex_small_form_factor_plus_7010_firmwareRange<1.6.0
delloptiplex_small_form_factor_plus_7010Match-
Node
delloptiplex_tower_plus_7010_firmwareRange<1.6.0
delloptiplex_tower_plus_7010Match-
Node
delloptiplex_xe4_firmwareRange<1.15.0
delloptiplex_xe4Match-
Node
dellprecision_3260_xe_compact_firmwareRange<2.7.0
dellprecision_3260_xe_compactMatch-
Node
dellprecision_3260_compact_firmwareRange<2.7.0
dellprecision_3260_compactMatch-
Node
dellprecision_3450_firmwareRange<1.19.0
dellprecision_3450Match-
Node
dellprecision_3460_xe_small_form_factor_firmwareRange<2.7.0
dellprecision_3460_xe_small_form_factorMatch-
Node
dellprecision_3460_small_form_factor_firmwareRange<2.7.0
dellprecision_3460_small_form_factorMatch-
Node
dellprecision_3470_firmwareRange<1.15.0
dellprecision_3470Match-
Node
dellprecision_3650_tower_firmwareRange<1.24.0
dellprecision_3650_towerMatch-
Node
dellprecision_3660_firmwareRange<2.7.0
dellprecision_3660Match-
Node
dellprecision_5470_firmwareRange<1.15.0
dellprecision_5470Match-
Node
dellprecision_5570_firmwareRange<1.16.0
dellprecision_5570Match-
Node
dellprecision_5860_tower_firmwareRange<1.0.10
dellprecision_5860_towerMatch-
Node
dellprecision_7960_tower_firmwareRange<1.0.9
dellprecision_7960_towerMatch-
Node
dellvostro_3020_sff_firmwareRange<1.6.0
dellvostro_3020_sffMatch-
Node
dellvostro_3020_t_firmwareRange<1.6.0
dellvostro_3020_tMatch-
Node
dellvostro_3510_firmwareRange<1.23.0
dellvostro_3510Match-
Node
dellvostro_3690_firmwareRange<1.19.0
dellvostro_3690Match-
Node
dellvostro_3710_firmwareRange<1.15.0
dellvostro_3710Match-
Node
dellvostro_3890_firmwareRange<1.19.0
dellvostro_3890Match-
Node
dellvostro_3910_firmwareRange<1.15.0
dellvostro_3910Match-
Node
dellvostro_5410_firmwareRange<2.20.0
dellvostro_5410Match-
Node
dellvostro_5491_firmwareRange<1.27.0
dellvostro_5491Match-
Node
dellvostro_5510_firmwareRange<2.20.0
dellvostro_5510Match-
Node
dellvostro_5591_firmwareRange<1.27.0
dellvostro_5591Match-
Node
dellvostro_5890_firmwareRange<1.19.0
dellvostro_5890Match-
Node
dellvostro_7500_firmwareRange<1.24.0
dellvostro_7500Match-
Node
dellvostro_7510_firmwareRange<1.17.0
dellvostro_7510Match-
Node
dellxps_13_9305_firmwareRange<1.16.0
dellxps_13_9305Match-
Node
dellxps_13_7390_firmwareRange<1.21.0
dellxps_13_7390Match-
Node
dellxps_13_7390_2-in-1_firmwareRange<1.26.0
dellxps_13_7390_2-in-1Match-
Node
dellxps_13_9300_firmwareRange<1.19.0
dellxps_13_9300Match-
Node
dellxps_13_9310_firmwareRange<3.17.0
dellxps_13_9310Match-
Node
dellxps_13_9310_2-in-1_firmwareRange<2.19.0
dellxps_13_9310_2-in-1Match-
Node
dellxps_13_9315_firmwareRange<1.13.0
dellxps_13_9315Match-
Node
dellxps_15_9520_firmwareRange<1.16.0
dellxps_15_9520Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| dell:alienware_m15_r7_firmware | dell alienware m15 r7 firmware | lt | 1.18.0 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
]Related
nessus
nessus
Dell Client BIOS Improper Authentication (DSA-2023-190)
2023-08-25 00:00:00
nvd
nvd
CVE-2023-32453
2023-08-16 20:15:09
prion
prion
Authentication flaw
2023-08-16 20:15:00
cvelist
cvelist
CVE-2023-32453
2023-08-16 19:22:33
4.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
4.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2023-32453