Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-32469: DSA-2023-223: Security Update for a Dell Precision Tower BIOS Vulnerability

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.

CVE
#vulnerability#ios#bios#auth#dell

Impact

High

Details

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2023-32469

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2023-32469

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product

Software/Firmware

Affected Versions

Remediated Versions

BIOS Release Date

Update Link

Dell Precision 5820 Tower

BIOS

Versions prior to 2.32.0

2.32.0 or later

11/14/2023

Drivers & Downloads Link

Dell Precision 7820 Tower

BIOS

Versions prior to 2.36.0

2.36.0 or later

11/14/2023

Drivers & Downloads Link

Dell Precision 7920 Tower

BIOS

Versions prior to 2.36.0

2.36.0 or later

11/14/2023

Drivers & Downloads Link

Product

Software/Firmware

Affected Versions

Remediated Versions

BIOS Release Date

Update Link

Dell Precision 5820 Tower

BIOS

Versions prior to 2.32.0

2.32.0 or later

11/14/2023

Drivers & Downloads Link

Dell Precision 7820 Tower

BIOS

Versions prior to 2.36.0

2.36.0 or later

11/14/2023

Drivers & Downloads Link

Dell Precision 7920 Tower

BIOS

Versions prior to 2.36.0

2.36.0 or later

11/14/2023

Drivers & Downloads Link

Acknowledgements

Dell Technologies would like to thank another1024 for reporting this issue.

Revision History

Revision

Date

Description

1.0

2023-11-14

Initial Release

1.1

2023-11-15

Updated the Affected Products and Remediation Table: Added Update Links

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907