CVE-2023-32461: DSA-2023-292: Security Update for Dell PowerEdge Server BIOS Vulnerability

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to memory corruption and potentially privilege escalation.


Article Number: 000216543

Summary: Dell PowerEdge Server BIOS remediation is available for a Buffer Overflow Vulnerability that could be exploited by malicious users to compromise the affected system.

Article Content

Impact

Medium

Details

| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| --- | --- | --- | --- |
| CVE-2023-32461 | Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to memory corruption and potentially privilege escalation. | 5.0 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L |

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Revision History

| Revision | Date | Description |
| --- | --- | --- |
| 1.0 | 2023-09-14 | Initial release |
| 2.0 | 2023-09-15 | Updated the list of “Affected Products” under “Article Properties” |

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Additional Information

The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Article Properties

Affected Product

Dell EMC XC Core XC450, Dell EMC XC Core XC650, Dell EMC XC Core XC6520, Dell EMC XC Core XC750, Dell EMC XC Core XC750xa, PowerEdge C6520, PowerEdge C6525, PowerEdge C6620, PowerEdge HS5610, PowerEdge HS5620, PowerEdge MX750c, PowerEdge MX760c, PowerEdge R250, PowerEdge R350, PowerEdge R450, PowerEdge R550, PowerEdge R650, PowerEdge R650xs, PowerEdge R6515, PowerEdge R6525, PowerEdge R660, PowerEdge R660xs, PowerEdge R6615, PowerEdge R6625, PowerEdge R750, PowerEdge R750XA, PowerEdge R750xs, PowerEdge R7515, PowerEdge R7525, PowerEdge R760, PowerEdge R760XA, PowerEdge R760xd2, PowerEdge R760xs, PowerEdge R7615, PowerEdge R7625, PowerEdge R860, PowerEdge R960, PowerEdge T150, PowerEdge T350, PowerEdge T550, PowerEdge T560, PowerEdge XE8545, PowerEdge XE8640, PowerEdge XE9680, PowerEdge XR11, PowerEdge XR12, PowerEdge XR4510c, PowerEdge XR4520c, PowerEdge XR5610, PowerEdge XR7620, PowerEdge XR8620t, Dell EMC XC Core XC7525 …

Last Published Date

15 Sep 2023

Version

2

Article Type

Dell Security Advisory
