Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-32453: DSA-2023-190: Security Update for a Dell Client BIOS Vulnerability

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.

CVE
#vulnerability#ios#bios#auth#dell

Vaikutus

Medium

Tiedot

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2023-32453

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.

4.6

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2023-32453

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.

4.6

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen

Product

Software/Firmware

Affected Versions

Remediated Versions

BIOS Release Date

Link

Alienware m15 R7

BIOS

Versions prior to 1.18.0

Version 1.18.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Dell G15 5520

BIOS

Versions prior to 1.18.0

Version 1.18.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Dell G16 7620

BIOS

Versions prior to 1.18.0

Version 1.18.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Dell G3 3500

BIOS

Versions prior to 1.26.0

Version 1.26.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Dell G5 15 5500

BIOS

Versions prior to 1.26.0

Version 1.26.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 24 5420 All-in-One
Inspiron 24 5421 All-in-One

BIOS

Versions prior to 1.4.0

Version 1.4.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 27 7720 All-in-One

BIOS

Versions prior to 1.4.0

Version 1.4.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 3493

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 3593

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 3793

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 5493

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 5593

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 7490

BIOS

Versions prior to 1.22.0

Version 1.22.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Latitude 3140

BIOS

Versions prior to 1.8.0

Version 1.8.0 or later

07/28/2023

Go to the Drivers & Downloads site for updates.

Latitude 7230 Rugged Extreme Tablet

BIOS

Versions prior to 1.8.0

Version 1.8.0 or later

07/31/2023

Go to the Drivers & Downloads site for updates.

OptiPlex 7090

BIOS

Versions prior to 1.19.0

Version 1.19.0 or later

08/03/2023

Go to the Drivers & Downloads site for updates.

Precision 3450

BIOS

Versions prior to 1.19.0

Version 1.19.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Precision 7960 Tower

BIOS

Versions prior to 1.0.8

Version 1.0.8 or later

07/07/2023

Go to the Drivers & Downloads site for updates.

Vostro 5491

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Vostro 5591

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Vostro 5890

BIOS

Versions prior to 1.19.0

Version 1.19.0 or later

08/03/2023

Go to the Drivers & Downloads site for updates.

Product

Software/Firmware

Affected Versions

Remediated Versions

BIOS Release Date

Link

Alienware m15 R7

BIOS

Versions prior to 1.18.0

Version 1.18.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Dell G15 5520

BIOS

Versions prior to 1.18.0

Version 1.18.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Dell G16 7620

BIOS

Versions prior to 1.18.0

Version 1.18.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Dell G3 3500

BIOS

Versions prior to 1.26.0

Version 1.26.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Dell G5 15 5500

BIOS

Versions prior to 1.26.0

Version 1.26.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 24 5420 All-in-One
Inspiron 24 5421 All-in-One

BIOS

Versions prior to 1.4.0

Version 1.4.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 27 7720 All-in-One

BIOS

Versions prior to 1.4.0

Version 1.4.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 3493

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 3593

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 3793

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 5493

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 5593

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Inspiron 7490

BIOS

Versions prior to 1.22.0

Version 1.22.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Latitude 3140

BIOS

Versions prior to 1.8.0

Version 1.8.0 or later

07/28/2023

Go to the Drivers & Downloads site for updates.

Latitude 7230 Rugged Extreme Tablet

BIOS

Versions prior to 1.8.0

Version 1.8.0 or later

07/31/2023

Go to the Drivers & Downloads site for updates.

OptiPlex 7090

BIOS

Versions prior to 1.19.0

Version 1.19.0 or later

08/03/2023

Go to the Drivers & Downloads site for updates.

Precision 3450

BIOS

Versions prior to 1.19.0

Version 1.19.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Precision 7960 Tower

BIOS

Versions prior to 1.0.8

Version 1.0.8 or later

07/07/2023

Go to the Drivers & Downloads site for updates.

Vostro 5491

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Vostro 5591

BIOS

Versions prior to 1.27.0

Version 1.27.0 or later

08/07/2023

Go to the Drivers & Downloads site for updates.

Vostro 5890

BIOS

Versions prior to 1.19.0

Version 1.19.0 or later

08/03/2023

Go to the Drivers & Downloads site for updates.

Versiohistoria

Revision

Date

Description

1.0

2023-08-08

Initial Release

Asiaan liittyvät tiedot

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Lisätietoja

NOTE: The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Alienware m15 R7, Dell G5 15 5500, Dell G15 5520, Dell G16 7620, Inspiron 3493, Inspiron 3593, Inspiron 3793, Inspiron 24 5420 All-in-One, Inspiron 24 5421 All-in-One, Inspiron 27 7720 All-in-One

Inspiron 5493, Inspiron 7490, Inspiron 5593, Latitude 3140, Latitude 7230 Rugged Extreme Tablet, OptiPlex 7090 Micro, OptiPlex 7090 Small Form Factor, OptiPlex 7090 Ultra, Precision 3450 XE Small Form Factor, Precision 3450 Small Form Factor , Precision 7960 Tower, Vostro 5890 …

09 elok. 2023

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907