CVE-2023-32475

{"id": "CVE-2023-32475", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "PHYSICAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 0.9}]}, "published": "2024-06-07T03:15:08.950", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability", "source": "security_alert@emc.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-353"}]}], "descriptions": [{"lang": "en", "value": "Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system."}, {"lang": "es", "value": "El BIOS de Dell contiene una falta de soporte para la vulnerabilidad de verificaci\u00f3n de integridad. Un atacante con acceso f\u00edsico al sistema podr\u00eda potencialmente eludir los mecanismos de seguridad para ejecutar c\u00f3digo arbitrario en el sistema."}], "lastModified": "2024-06-07T14:56:05.647", "sourceIdentifier": "security_alert@emc.com"}