CVE-2023-24571: DSA-2023-046: Dell Client Platform Security Update for BIOS Vulnerabilities

Vaikutus

High

Tiedot

Proprietary Code CVEs

CVE Description

More information

CVE-2023-24571

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

Proprietary Code CVEs

CVE Description

More information

CVE-2023-24571

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen

Product

BIOS Update Version

BIOS Release Date

Embedded Box PC 3000

1.18.0

03/10/2023

NOTE: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Product

BIOS Update Version

BIOS Release Date

Embedded Box PC 3000

1.18.0

03/10/2023

NOTE: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Keinoja ongelman kiertämiseen tai lieventämiseen

None

Versiohistoria

Revision

Date

Description

1.0

2023-03-15

Initial Release

Asiaan liittyvät tiedot

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

15 maalisk. 2023