Headline
CVE-2023-32461: DSA-2023-292: Security Update for Dell PowerEdge Server BIOS Vulnerability
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.
Article Number: 000216543
Summary: Dell PowerEdge Server BIOS remediation is available for a Buffer Overflow Vulnerability that could be exploited by malicious users to compromise the affected system.
Article Content
Impact
Medium
Details
Proprietary Code CVEs
Description
CVSS Base Score
CVSS Vector String
CVE-2023-32461
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.
5.0
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
Proprietary Code CVEs
Description
CVSS Base Score
CVSS Vector String
CVE-2023-32461
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.
5.0
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Affected Products and Remediation****Revision History
Revision
Date
Description
1.0
2023-09-14
Initial release
2.0
2023-09-15
Updated the list of “Affected Products” under “Article Properties”
Related Information
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Additional Information
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Article Properties
Affected Product
Dell EMC XC Core XC450, Dell EMC XC Core XC650, Dell EMC XC Core XC6520, Dell EMC XC Core XC750, Dell EMC XC Core XC750xa, PowerEdge C6520, PowerEdge C6525, PowerEdge C6620, PowerEdge HS5610, PowerEdge HS5620, PowerEdge MX750c, PowerEdge MX760c , PowerEdge R250, PowerEdge R350, PowerEdge R450, PowerEdge R550, PowerEdge R650, PowerEdge R650xs, PowerEdge R6515, PowerEdge R6525, PowerEdge R660, PowerEdge R660xs, PowerEdge R6615, PowerEdge R6625, PowerEdge R750, PowerEdge R750XA, PowerEdge R750xs, PowerEdge R7515, PowerEdge R7525, PowerEdge R760, PowerEdge R760XA, PowerEdge R760xd2, PowerEdge R760xs, PowerEdge R7615, PowerEdge R7625, PowerEdge R860, PowerEdge R960, PowerEdge T150, PowerEdge T350, PowerEdge T550, PowerEdge T560, PowerEdge XE8545, PowerEdge XE8640, PowerEdge XE9680, PowerEdge XR11, PowerEdge XR12, PowerEdge XR4510c, PowerEdge XR4520c, PowerEdge XR5610, PowerEdge XR7620, PowerEdge XR8620t, Dell EMC XC Core XC7525 …
Last Published Date
15 Sep 2023
Version
2
Article Type
Dell Security Advisory