Lucene search

[email protected]NVD:CVE-2023-39251

HistoryDec 22, 2023 - 6:15 p.m.

CVE-2023-39251

2023-12-2218:15:07

CWE-20

[email protected]

web.nvd.nist.gov

dell bios

input validation

vulnerability

memory corruption

local user

high privileges

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.0%

JSON

Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.

Affected configurations

Nvd

Node

dellinspiron_7510Match-

AND

dellinspiron_7510_firmwareRange<1.20.0

Node

dellinspiron_7610Match-

AND

dellinspiron_7610_firmwareRange<1.20.0

Node

delllatitude_5430_ruggedMatch-

AND

delllatitude_5430_rugged_firmwareRange<1.23.0

Node

delllatitude_5521Match-

AND

delllatitude_5521_firmwareRange<1.27.0

Node

delllatitude_7330_ruggedMatch-

AND

delllatitude_7330_rugged_firmwareRange<1.23.0

Node

dellprecision_3561Match-

AND

dellprecision_3561_firmwareRange<1.27.0

Node

dellprecision_5560Match-

AND

dellprecision_5560_firmwareRange<1.25.0

Node

dellprecision_5760Match-

AND

dellprecision_5760_firmwareRange<1.24.0

Node

dellprecision_7560_firmwareRange<1.27.0

AND

dellprecision_7560Match-

Node

dellprecision_7760_firmwareRange<1.27.0

AND

dellprecision_7760Match-

Node

dellvostro_7510_firmwareRange<1.20.0

AND

dellvostro_7510Match-

Node

dellxps_15_9510_firmwareRange<1.25.0

AND

dellxps_15_9510Match-

Node

dellxps_17_9710_firmwareRange<1.24.0

AND

dellxps_17_9710Match-

VendorProductVersionCPE
dellinspiron_7510-cpe:2.3:h:dell:inspiron_7510:-:*:*:*:*:*:*:*
dellinspiron_7510_firmware*cpe:2.3:o:dell:inspiron_7510_firmware:*:*:*:*:*:*:*:*
dellinspiron_7610-cpe:2.3:h:dell:inspiron_7610:-:*:*:*:*:*:*:*
dellinspiron_7610_firmware*cpe:2.3:o:dell:inspiron_7610_firmware:*:*:*:*:*:*:*:*
delllatitude_5430_rugged-cpe:2.3:h:dell:latitude_5430_rugged:-:*:*:*:*:*:*:*
delllatitude_5430_rugged_firmware*cpe:2.3:o:dell:latitude_5430_rugged_firmware:*:*:*:*:*:*:*:*
delllatitude_5521-cpe:2.3:h:dell:latitude_5521:-:*:*:*:*:*:*:*
delllatitude_5521_firmware*cpe:2.3:o:dell:latitude_5521_firmware:*:*:*:*:*:*:*:*
delllatitude_7330_rugged-cpe:2.3:h:dell:latitude_7330_rugged:-:*:*:*:*:*:*:*
delllatitude_7330_rugged_firmware*cpe:2.3:o:dell:latitude_7330_rugged_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dell	inspiron_7510	-	cpe:2.3:h:dell:inspiron_7510:-:::::::*
dell	inspiron_7510_firmware	*	cpe:2.3:o:dell:inspiron_7510_firmware::::::::
dell	inspiron_7610	-	cpe:2.3:h:dell:inspiron_7610:-:::::::*
dell	inspiron_7610_firmware	*	cpe:2.3:o:dell:inspiron_7610_firmware::::::::
dell	latitude_5430_rugged	-	cpe:2.3:h:dell:latitude_5430_rugged:-:::::::*
dell	latitude_5430_rugged_firmware	*	cpe:2.3:o:dell:latitude_5430_rugged_firmware::::::::
dell	latitude_5521	-	cpe:2.3:h:dell:latitude_5521:-:::::::*
dell	latitude_5521_firmware	*	cpe:2.3:o:dell:latitude_5521_firmware::::::::
dell	latitude_7330_rugged	-	cpe:2.3:h:dell:latitude_7330_rugged:-:::::::*
dell	latitude_7330_rugged_firmware	*	cpe:2.3:o:dell:latitude_7330_rugged_firmware::::::::