Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2023-32461
HistorySep 15, 2023 - 7:15 a.m.

CVE-2023-32461

2023-09-1507:15:09
CWE-122
[email protected]
web.nvd.nist.gov
12
dell
bios
buffer overflow
vulnerability
cve-2023-32461
nvd

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.

Affected configurations

NVD
Node
dellpoweredge_r660_firmwareRange<1.5.6
AND
dellpoweredge_r660Match-
Node
dellpoweredge_r760_firmwareRange<1.5.6
AND
dellpoweredge_r760Match-
Node
dellpoweredge_c6620_firmwareRange<1.5.6
AND
dellpoweredge_c6620Match-
Node
dellpoweredge_mx760c_firmwareRange<1.5.6
AND
dellpoweredge_mx760cMatch-
Node
dellpoweredge_r860_firmwareRange<1.5.6
AND
dellpoweredge_r860Match-
Node
dellpoweredge_r960_firmwareRange<1.5.6
AND
dellpoweredge_r960Match-
Node
dellpoweredge_hs5610_firmwareRange<1.5.6
AND
dellpoweredge_hs5610Match-
Node
dellpoweredge_hs5620_firmwareRange<1.5.6
AND
dellpoweredge_hs5620Match-
Node
dellpoweredge_r660xs_firmwareRange<1.5.6
AND
dellpoweredge_r660xsMatch-
Node
dellpoweredge_r760xs_firmwareRange<1.5.6
AND
dellpoweredge_r760xsMatch-
Node
dellpoweredge_r760xd2_firmwareRange<1.5.6
AND
dellpoweredge_r760xd2Match-
Node
dellpoweredge_t560_firmwareRange<1.5.6
AND
dellpoweredge_t560Match-
Node
dellpoweredge_r760xa_firmwareRange<1.1.3
AND
dellpoweredge_r760xaMatch-
Node
dellpoweredge_xe9680_firmwareRange<1.1.3
AND
dellpoweredge_xe9680Match-
Node
dellpoweredge_xr5610_firmwareRange<1.1.4
AND
dellpoweredge_xr5610Match-
Node
dellpoweredge_xr8620t_firmwareRange<1.1.3
AND
dellpoweredge_xr8620tMatch-
Node
dellpoweredge_xr7620_firmwareRange<1.5.6
AND
dellpoweredge_xr7620Match-
Node
dellpoweredge_xe8640_firmwareRange<1.2.5
AND
dellpoweredge_xe8640Match-
Node
dellpoweredge_r6615_firmwareRange<1.3.11
AND
dellpoweredge_r6615Match-
Node
dellpoweredge_r7615_firmwareRange<1.3.11
AND
dellpoweredge_r7615Match-
Node
dellpoweredge_r6625_firmwareRange<1.3.11
AND
dellpoweredge_r6625Match-
Node
dellpoweredge_r7625_firmwareRange<1.3.11
AND
dellpoweredge_r7625Match-
Node
dellpoweredge_r650_firmwareRange<1.10.2
AND
dellpoweredge_r650Match-
Node
dellpoweredge_r750_firmwareRange<1.10.2
AND
dellpoweredge_r750Match-
Node
dellpoweredge_r750xa_firmwareRange<1.10.2
AND
dellpoweredge_r750xaMatch-
Node
dellpoweredge_c6520_firmwareRange<1.10.2
AND
dellpoweredge_c6520Match-
Node
dellpoweredge_mx750c_firmwareRange<1.10.2
AND
dellpoweredge_mx750cMatch-
Node
dellpoweredge_r550_firmwareRange<1.10.2
AND
dellpoweredge_r550Match-
Node
dellpoweredge_r450_firmwareRange<1.10.2
AND
dellpoweredge_r450Match-
Node
dellpoweredge_r650xs_firmwareRange<1.10.2
AND
dellpoweredge_r650xsMatch-
Node
dellpoweredge_r750xs_firmwareRange<1.10.2
AND
dellpoweredge_r750xsMatch-
Node
dellpoweredge_t550_firmwareRange<1.10.2
AND
dellpoweredge_t550Match-
Node
dellpoweredge_xr11_firmwareRange<1.10.2
AND
dellpoweredge_xr11Match-
Node
dellpoweredge_xr12_firmwareRange<1.10.2
AND
dellpoweredge_xr12Match-
Node
dellpoweredge_t150_firmwareRange<1.6.3
AND
dellpoweredge_t150Match-
Node
dellpoweredge_t350_firmwareRange<1.6.3
AND
dellpoweredge_t350Match-
Node
dellpoweredge_r250_firmwareRange<1.6.3
AND
dellpoweredge_r250Match-
Node
dellpoweredge_r350_firmwareRange<1.6.3
AND
dellpoweredge_r350Match-
Node
dellpoweredge_xr4510c_firmwareRange<1.10.4
AND
dellpoweredge_xr4510cMatch-
Node
dellpoweredge_xr4520c_firmwareRange<1.10.4
OR
dellpoweredge_xr4520c_firmwareMatch1.10.4
AND
dellpoweredge_xr4520cMatch-
Node
dellpoweredge_r6515_firmwareRange<2.11.4
AND
dellpoweredge_r6515Match-
Node
dellpoweredge_r6525_firmwareRange<2.11.3
AND
dellpoweredge_r6525Match-
Node
dellpoweredge_r7515_firmwareRange<2.11.4
AND
dellpoweredge_r7515Match-
Node
dellpoweredge_r7525_firmwareRange<2.11.3
AND
dellpoweredge_r7525Match-
Node
dellpoweredge_c6525_firmwareRange<2.11.3
AND
dellpoweredge_c6525Match-
Node
dellpoweredge_xe8545_firmwareRange<2.11.3
AND
dellpoweredge_xe8545Match-
Node
dellemc_xc_core_xc450_firmwareRange<1.11.2
AND
dellemc_xc_core_xc450Match-
Node
dellemc_xc_core_xc650_firmwareRange<1.11.2
AND
dellemc_xc_core_xc650Match-
Node
dellemc_xc_core_xc750_firmwareRange<1.11.2
AND
dellemc_xc_core_xc750Match-
Node
dellemc_xc_core_xc750xa_firmwareRange<1.11.2
AND
dellemc_xc_core_xc750xaMatch-
Node
dellemc_xc_core_xc6520_firmwareRange<1.11.2
AND
dellemc_xc_core_xc6520Match-
Node
dellemc_xc_core_xc7525_firmwareRange<2.11.3
AND
dellemc_xc_core_xc7525Match-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "packageName": "BIOS",
    "platforms": [
      "PowerEdge R660",
      "PowerEdge R760",
      "PowerEdge C6620",
      "PowerEdge MX760c",
      "PowerEdge R860",
      "PowerEdge R960",
      "PowerEdge HS5610",
      "PowerEdge HS5620",
      "PowerEdge R660xs",
      "PowerEdge R760xs",
      "PowerEdge R760xd2",
      "PowerEdge T560",
      "PowerEdge R760xa",
      "PowerEdge XE9680",
      "PowerEdge XR5610",
      "PowerEdge XR8620t",
      "PowerEdge XR7620",
      "PowerEdge XE8640",
      "PowerEdge R6615",
      "PowerEdge R7615",
      "PowerEdge R6625",
      "PowerEdge R7625",
      "PowerEdge R650",
      "PowerEdge R750",
      "PowerEdge R750XA",
      "PowerEdge C6520",
      "PowerEdge MX750C",
      "PowerEdge R550",
      "PowerEdge R450",
      "PowerEdge R650XS",
      "PowerEdge R750XS",
      "PowerEdge T550",
      "PowerEdge XR11",
      "PowerEdge XR12",
      "PowerEdge T150",
      "PowerEdge T350",
      "PowerEdge R250",
      "PowerEdge R350",
      "PowerEdge XR4510c",
      "PowerEdge XR4520c",
      "PowerEdge R6515",
      "PowerEdge R6525",
      "PowerEdge R7515",
      "PowerEdge R7525",
      "PowerEdge C6525",
      "PowerEdge XE8545",
      "Dell EMC XC Core XC450",
      "Dell EMC XC Core XC650",
      "Dell EMC XC Core XC750",
      "Dell EMC XC Core XC750xa",
      "Dell EMC XC Core XC6520",
      "Dell EMC XC Core XC7525"
    ],
    "product": "PowerEdge Platform",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "Versions prior to 1.5.6"
      },
      {
        "status": "affected",
        "version": "Versions prior to 1.1.3"
      },
      {
        "status": "affected",
        "version": "Versions prior to 1.1.4"
      },
      {
        "status": "affected",
        "version": "Versions prior to 1.2.5"
      },
      {
        "status": "affected",
        "version": "Versions prior to 1.3.11"
      },
      {
        "status": "affected",
        "version": "Versions prior to 1.10.2"
      },
      {
        "status": "affected",
        "version": "Versions prior to 1.6.3"
      },
      {
        "status": "affected",
        "version": "Versions prior to 1.10.4"
      },
      {
        "status": "affected",
        "version": "Versions prior to 2.11.4"
      },
      {
        "status": "affected",
        "version": "Versions prior to 2.11.3"
      },
      {
        "status": "affected",
        "version": "Versions prior to Before 1.11.2"
      }
    ]
  }
]

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2023-32461
2023-09-15 06:56:54
nvd
nvd
CVE-2023-32461
2023-09-15 07:15:09
prion
prion
Buffer overflow
2023-09-15 07:15:00

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for CVE-2023-32461
cvelist1nvd1prion1