Lucene search

[email protected]NVD:CVE-2023-32471

HistoryJul 24, 2024 - 8:15 a.m.

CVE-2023-32471

2024-07-2408:15:02

CWE-125

[email protected]

web.nvd.nist.gov

dell edge gateway

bios

out-of-bounds read

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

EPSS

Percentile

9.4%

JSON

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits.

Affected configurations

Nvd

Node

delledge_gateway_3200_firmwareMatch-

AND

delledge_gateway_3200Match-

Node

delledge_gateway_5200_firmwareMatch-

AND

delledge_gateway_5200Match-

Node

dellprecision_3930_rack_firmwareMatch-

AND

dellprecision_3930_rackMatch-

Node

delloptiplex_7080_firmwareMatch-

AND

delloptiplex_7080Match-

Node

dellprecision_5520_firmwareMatch-

AND

dellprecision_5520Match-

Node

dellinspiron_7460_firmwareMatch-

AND

dellinspiron_7460Match-

Node

dellprecision_5820_tower_firmwareMatch-

AND

dellprecision_5820_towerMatch-

Node

dellg5_5587_firmwareMatch-

AND

dellg5_5587Match-

Node

dellg7_7588_firmwareMatch-

AND

dellg7_7588Match-

Node

dellvostro_15_7580_firmwareMatch-

AND

dellvostro_15_7580Match-

VendorProductVersionCPE
delledge_gateway_3200_firmware-cpe:2.3:o:dell:edge_gateway_3200_firmware:-:*:*:*:*:*:*:*
delledge_gateway_3200-cpe:2.3:h:dell:edge_gateway_3200:-:*:*:*:*:*:*:*
delledge_gateway_5200_firmware-cpe:2.3:o:dell:edge_gateway_5200_firmware:-:*:*:*:*:*:*:*
delledge_gateway_5200-cpe:2.3:h:dell:edge_gateway_5200:-:*:*:*:*:*:*:*
dellprecision_3930_rack_firmware-cpe:2.3:o:dell:precision_3930_rack_firmware:-:*:*:*:*:*:*:*
dellprecision_3930_rack-cpe:2.3:h:dell:precision_3930_rack:-:*:*:*:*:*:*:*
delloptiplex_7080_firmware-cpe:2.3:o:dell:optiplex_7080_firmware:-:*:*:*:*:*:*:*
delloptiplex_7080-cpe:2.3:h:dell:optiplex_7080:-:*:*:*:*:*:*:*
dellprecision_5520_firmware-cpe:2.3:o:dell:precision_5520_firmware:-:*:*:*:*:*:*:*
dellprecision_5520-cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dell	edge_gateway_3200_firmware	-	cpe:2.3:o:dell:edge_gateway_3200_firmware:-:::::::*
dell	edge_gateway_3200	-	cpe:2.3:h:dell:edge_gateway_3200:-:::::::*
dell	edge_gateway_5200_firmware	-	cpe:2.3:o:dell:edge_gateway_5200_firmware:-:::::::*
dell	edge_gateway_5200	-	cpe:2.3:h:dell:edge_gateway_5200:-:::::::*
dell	precision_3930_rack_firmware	-	cpe:2.3:o:dell:precision_3930_rack_firmware:-:::::::*
dell	precision_3930_rack	-	cpe:2.3:h:dell:precision_3930_rack:-:::::::*
dell	optiplex_7080_firmware	-	cpe:2.3:o:dell:optiplex_7080_firmware:-:::::::*
dell	optiplex_7080	-	cpe:2.3:h:dell:optiplex_7080:-:::::::*
dell	precision_5520_firmware	-	cpe:2.3:o:dell:precision_5520_firmware:-:::::::*
dell	precision_5520	-	cpe:2.3:h:dell:precision_5520:-:::::::*

Rows per page:

1-10 of 201

References

www.dell.com/support/kbdoc/en-us/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

EPSS

Percentile

9.4%

JSON

Related for NVD:CVE-2023-32471

vulnrichment1 cvelist1 cve1