CVE-2023-32472
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
9.2%
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dell | edge_gateway_3200_firmware | - | cpe:2.3:o:dell:edge_gateway_3200_firmware:-:*:*:*:*:*:*:* |
| dell | edge_gateway_3200 | - | cpe:2.3:h:dell:edge_gateway_3200:-:*:*:*:*:*:*:* |
| dell | edge_gateway_5200_firmware | * | cpe:2.3:o:dell:edge_gateway_5200_firmware:*:*:*:*:*:*:*:* |
| dell | edge_gateway_5200 | - | cpe:2.3:h:dell:edge_gateway_5200:-:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
9.2%