Headline
CVE-2023-32469: DSA-2023-223: Security Update for a Dell Precision Tower BIOS Vulnerability
Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.
Impact
High
Details
Proprietary Code CVEs
Description
CVSS Base Score
CVSS Vector String
CVE-2023-32469
Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.
7.5
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Proprietary Code CVEs
Description
CVSS Base Score
CVSS Vector String
CVE-2023-32469
Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.
7.5
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Affected Products and Remediation
Product
Software/Firmware
Affected Versions
Remediated Versions
BIOS Release Date
Update Link
Dell Precision 5820 Tower
BIOS
Versions prior to 2.32.0
2.32.0 or later
11/14/2023
Drivers & Downloads Link
Dell Precision 7820 Tower
BIOS
Versions prior to 2.36.0
2.36.0 or later
11/14/2023
Drivers & Downloads Link
Dell Precision 7920 Tower
BIOS
Versions prior to 2.36.0
2.36.0 or later
11/14/2023
Drivers & Downloads Link
Product
Software/Firmware
Affected Versions
Remediated Versions
BIOS Release Date
Update Link
Dell Precision 5820 Tower
BIOS
Versions prior to 2.32.0
2.32.0 or later
11/14/2023
Drivers & Downloads Link
Dell Precision 7820 Tower
BIOS
Versions prior to 2.36.0
2.36.0 or later
11/14/2023
Drivers & Downloads Link
Dell Precision 7920 Tower
BIOS
Versions prior to 2.36.0
2.36.0 or later
11/14/2023
Drivers & Downloads Link
Acknowledgements
Dell Technologies would like to thank another1024 for reporting this issue.
Revision History
Revision
Date
Description
1.0
2023-11-14
Initial Release
1.1
2023-11-15
Updated the Affected Products and Remediation Table: Added Update Links
Related Information
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide