CVE-2023-39251

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-39251
Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.

6.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 4.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact LOW

Scope CHANGED

References
Link Resource
https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342 Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:inspiron_7510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7510:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:inspiron_7610_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7610:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dell:latitude_5430_rugged_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:latitude_5430_rugged:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dell:latitude_5521_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:latitude_5521:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dell:latitude_7330_rugged_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:latitude_7330_rugged:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dell:precision_3561_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_3561:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:dell:precision_5560_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_5560:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:dell:precision_5760_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_5760:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:dell:precision_7560_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_7560:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:dell:precision_7760_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_7760:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:dell:vostro_7510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_7510:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:dell:xps_15_9510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xps_15_9510:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:dell:xps_17_9710_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xps_17_9710:-:*:*:*:*:*:*:*
History

21 Nov 2024, 08:14

Type Values Removed Values Added
References () https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342 - Vendor Advisory () https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342 - Vendor Advisory

04 Jan 2024, 14:53

Type Values Removed Values Added
CPE cpe:2.3:h:dell:xps_15_9510:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:xps_17_9710:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_7760:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:latitude_5430_rugged:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_7760_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_7610_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:xps_17_9710_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7610:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_3561_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:latitude_7330_rugged:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_5560:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:vostro_7510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_3561:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_7560:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:latitude_5521:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:xps_15_9510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_7510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_5560_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:latitude_5521_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_5760_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:latitude_5430_rugged_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_5760:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:latitude_7330_rugged_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_7510:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_7560_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7510:-:*:*:*:*:*:*:*
References () https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342 - () https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342 - Vendor Advisory
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.7
First Time Dell inspiron 7510 Firmware
Dell vostro 7510 Firmware
Dell latitude 5430 Rugged
Dell precision 5560
Dell precision 5760
Dell latitude 7330 Rugged Firmware
Dell inspiron 7610
Dell latitude 7330 Rugged
Dell latitude 5521 Firmware
Dell precision 7560 Firmware
Dell precision 5560 Firmware
Dell xps 15 9510 Firmware
Dell inspiron 7610 Firmware
Dell precision 5760 Firmware
Dell precision 7560
Dell xps 17 9710
Dell xps 15 9510
Dell precision 7760
Dell xps 17 9710 Firmware
Dell
Dell latitude 5521
Dell vostro 7510
Dell latitude 5430 Rugged Firmware
Dell inspiron 7510
Dell precision 3561
Dell precision 3561 Firmware
Dell precision 7760 Firmware

22 Dec 2023, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-22 18:15

Updated : 2024-11-21 08:14

NVD link : CVE-2023-39251

Mitre link : CVE-2023-39251

CVE.ORG link : CVE-2023-39251

JSON object : View

Products Affected

dell

  • latitude_7330_rugged
  • inspiron_7510_firmware
  • latitude_7330_rugged_firmware
  • latitude_5430_rugged_firmware
  • xps_15_9510_firmware
  • xps_17_9710_firmware
  • precision_5760_firmware
  • latitude_5430_rugged
  • precision_3561
  • precision_3561_firmware
  • precision_7760_firmware
  • vostro_7510
  • inspiron_7610
  • vostro_7510_firmware
  • precision_5560_firmware
  • precision_7760
  • latitude_5521_firmware
  • precision_5560
  • inspiron_7510
  • precision_7560_firmware
  • xps_17_9710
  • xps_15_9510
  • latitude_5521
  • precision_7560
  • precision_5760
  • inspiron_7610_firmware
CWE
CWE-20

Improper Input Validation

NVD-CWE-noinfo

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024