Lucene search
DellCVELIST:CVE-2023-39251HistoryDec 22, 2023 - 5:55 p.m.
CVE-2023-39251
2023-12-2217:55:18
CWE-20
dell
www.cve.org
dell
bios
vulnerability
input validation
memory corruption
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:L
0.0004 Low
EPSS
Percentile
9.1%
Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Inspiron 7510",
"Inspiron 7610",
"Latitude 5430 Rugged Laptop",
"Latitude 5521",
"Latitude 7330 Rugged Laptop",
"Precision 3561",
"Precision 5560",
"Precision 5760",
"Precision 7560",
"Precision 7760",
"Vostro 7510",
"XPS 15 9510",
"XPS 17 9710"
],
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Versions prior to 1.20.0"
},
{
"status": "affected",
"version": "Versions prior to 1.23.0"
},
{
"status": "affected",
"version": "Versions prior to 1.27.0"
},
{
"status": "affected",
"version": "Versions prior to 1.25.0"
},
{
"status": "affected",
"version": "Versions prior to 1.24.0"
}
]
}
]Related
prion
prion
Input validation
2023-12-22 18:15:00
nvd
nvd
CVE-2023-39251
2023-12-22 18:15:07
cve
cve
CVE-2023-39251
2023-12-22 18:15:07
nessus
nessus
Dell Client BIOS Improper Authentication (DSA-2023-342)
2023-12-28 00:00:00
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2023-39251