Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-32480: DSA-2023-175: Dell Client BIOS Security Update for an Improper Input Validation Vulnerability

Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.

CVE
#vulnerability#ios#amd#bios#auth#dell

Vaikutus

Medium

Tiedot

Proprietary Code CVE(s)

CVE Description

More Information

CVE-2023-32480

Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H See NVD (http://nvd.nist.gov/) for individual scores for each CVE

Proprietary Code CVE(s)

CVE Description

More Information

CVE-2023-32480

Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H See NVD (http://nvd.nist.gov/) for individual scores for each CVE

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen

Product

BIOS Update Version

BIOS Release Date

Alienware m15 R7

1.17.0

05/29/2023

Dell G15 5510

1.19.0

05/05/2023

Dell G15 5520

1.17.0

05/29/2023

Inspiron 14 5410/5418

2.19.1

06/09/2023

Inspiron 15 5510/5518

2.19.1

06/09/2023

Inspiron 16 7620 2-in-1

1.12.1

06/12/2023

Inspiron 3520

1.15.0

05/16/2023

Inspiron 5410

2.19.1

06/09/2023

Inspiron 5420

1.14.1

05/25/2023

Inspiron 5620

1.14.1

05/25/2023

Inspiron 7420

1.12.1

06/12/2023

Inspiron 7510

1.16.1

06/12/2023

Inspiron 7610

1.16.1

06/12/2023

Latitude 3320

1.22.2

06/12/2023

Latitude 3420

1.29.0

06/09/2023

Latitude 3430

1.10.1

06/12/2023

Latitude 3520

1.29.0

06/09/2023

Latitude 3530

1.10.1

06/12/2023

Precision 5760

1.20.1

06/10/2023

Precision 5770

1.17.1

06/10/2023

Vostro 3420

1.15.0

05/16/2023

Vostro 3520

1.15.0

05/16/2023

Vostro 5410

2.19.1

06/09/2023

Vostro 5510

2.19.1

06/09/2023

Vostro 5620

1.14.1

05/25/2023

Vostro 7510

1.16.1

06/12/2023

XPS 13 9315 2-in-1

1.8.1

06/10/2023

XPS 17 9710

1.20.1

06/10/2023

XPS 17 9720

1.17.1

06/10/2023

NOTE: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Product

BIOS Update Version

BIOS Release Date

Alienware m15 R7

1.17.0

05/29/2023

Dell G15 5510

1.19.0

05/05/2023

Dell G15 5520

1.17.0

05/29/2023

Inspiron 14 5410/5418

2.19.1

06/09/2023

Inspiron 15 5510/5518

2.19.1

06/09/2023

Inspiron 16 7620 2-in-1

1.12.1

06/12/2023

Inspiron 3520

1.15.0

05/16/2023

Inspiron 5410

2.19.1

06/09/2023

Inspiron 5420

1.14.1

05/25/2023

Inspiron 5620

1.14.1

05/25/2023

Inspiron 7420

1.12.1

06/12/2023

Inspiron 7510

1.16.1

06/12/2023

Inspiron 7610

1.16.1

06/12/2023

Latitude 3320

1.22.2

06/12/2023

Latitude 3420

1.29.0

06/09/2023

Latitude 3430

1.10.1

06/12/2023

Latitude 3520

1.29.0

06/09/2023

Latitude 3530

1.10.1

06/12/2023

Precision 5760

1.20.1

06/10/2023

Precision 5770

1.17.1

06/10/2023

Vostro 3420

1.15.0

05/16/2023

Vostro 3520

1.15.0

05/16/2023

Vostro 5410

2.19.1

06/09/2023

Vostro 5510

2.19.1

06/09/2023

Vostro 5620

1.14.1

05/25/2023

Vostro 7510

1.16.1

06/12/2023

XPS 13 9315 2-in-1

1.8.1

06/10/2023

XPS 17 9710

1.20.1

06/10/2023

XPS 17 9720

1.17.1

06/10/2023

NOTE: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Keinoja ongelman kiertämiseen tai lieventämiseen

None.

Versiohistoria

Revision

Date

Description

1.0

2023-06-13

Initial Release

2.0

2023-06-21

Updated the CVE Identifier and Proprietary Code fields with the correct assigned CVE ID: CVE-2023-32480

Asiaan liittyvät tiedot

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Alienware M15, Alienware m15 R7 AMD, Alienware m15 R7, Alienware m15, XPS 17, Dell G15 5510, Dell G15 5520, Inspiron 14 5410/5418, Inspiron 3520 (End of Life), Inspiron 15 5510/5518, Inspiron 16 7620 2-in-1, Latitude 3320, Latitude 3420 , Latitude 3430, Latitude 3520, Latitude 3530, Precision 5760, Precision 5770, Vostro 3420, Vostro 3520, Vostro 5620, XPS 13 9315 2-in-1, XPS 13 9315, XPS 17 9710, XPS 17 9720 …

22 kesäk. 2023

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907