CVE-2023-32469

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-32469
Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.

6.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.dell.com/support/kbdoc/en-us/000216242/dsa-2023-223-security-update-for-a-dell-precision-tower-bios-vulnerability Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:precision_5820_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_5820:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:precision_7820_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_7820:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dell:precision_7920_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_7920:-:*:*:*:*:*:*:*
History

29 Nov 2023, 19:49

Type Values Removed Values Added
CPE cpe:2.3:h:dell:precision_5820:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_7920:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_7820:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_7820_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_5820_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_7920_firmware:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.7
CWE CWE-20
First Time Dell
Dell precision 7920
Dell precision 7820
Dell precision 7820 Firmware
Dell precision 7920 Firmware
Dell precision 5820 Firmware
Dell precision 5820
References () https://www.dell.com/support/kbdoc/en-us/000216242/dsa-2023-223-security-update-for-a-dell-precision-tower-bios-vulnerability - () https://www.dell.com/support/kbdoc/en-us/000216242/dsa-2023-223-security-update-for-a-dell-precision-tower-bios-vulnerability - Vendor Advisory

16 Nov 2023, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-11-16 09:15

Updated : 2024-02-28 20:54

NVD link : CVE-2023-32469

Mitre link : CVE-2023-32469

CVE.ORG link : CVE-2023-32469

JSON object : View

Products Affected

dell

  • precision_7920_firmware
  • precision_7920
  • precision_7820
  • precision_5820
  • precision_7820_firmware
  • precision_5820_firmware
CWE
CWE-20

Improper Input Validation


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024