CVE-2023-32469

Published Nov 16, 2023

Last updated a year ago

CVSS medium 6.7

Overview

Description: Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.
Source: security_alert@emc.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.7
Impact score: 5.9
Exploitability score: 0.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-20
security_alert@emc.com: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:precision_5820_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D9FE138-FF30-4105-94D6-80E1EA7D7B3C",
            "versionEndExcluding": "2.32.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:precision_5820:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E12F96DC-54C7-4891-8723-D1B240165CBC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:precision_7820_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D5945F9-7C84-4CB7-82B8-1706AAF683FF",
            "versionEndExcluding": "2.36.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:precision_7820:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FA0FD696-4C1F-416C-95EB-36FEA77BEB6F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:dell:precision_7920_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0B22610-AFC8-40EA-AB4D-179038E0D1D6",
            "versionEndExcluding": "2.36.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:precision_7920:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0BCCF11B-05BD-4E70-AD26-6B26A7E701FA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References