CVE-2023-32453

MEDIUM

4.6

Description

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.

Details CVE

Score CVSS v3.14.6

SeveriteMEDIUM

Vecteur CVSSCVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Vecteur d'attaquePHYSICAL

ComplexiteLOW

Privileges requisHIGH

Interaction utilisateurNONE

Publie8/16/2023

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

dell:alienware_m15_r7dell:alienware_m15_r7_firmwaredell:alienware_m16dell:alienware_m16_firmwaredell:alienware_m18dell:alienware_m18_firmwaredell:chengming_3900dell:chengming_3900_firmwaredell:chengming_3901dell:chengming_3901_firmwaredell:chengming_3910dell:chengming_3910_firmwaredell:chengming_3911dell:chengming_3911_firmwaredell:g15_5520dell:g15_5520_firmwaredell:g16_7620dell:g16_7620_firmwaredell:g3_3500dell:g3_3500_firmwaredell:g5_15_5500dell:g5_15_5500_firmwaredell:g7_15_7500dell:g7_15_7500_firmwaredell:g7_17_7700dell:g7_17_7700_firmwaredell:inspiron_14_5410dell:inspiron_14_5410_firmwaredell:inspiron_14_5418dell:inspiron_14_5418_firmwaredell:inspiron_15_3511dell:inspiron_15_3511_firmwaredell:inspiron_15_5510dell:inspiron_15_5510_firmwaredell:inspiron_15_5518dell:inspiron_15_5518_firmwaredell:inspiron_24_5420_all-in-onedell:inspiron_24_5420_all-in-one_firmwaredell:inspiron_24_5421_all-in-onedell:inspiron_24_5421_all-in-one_firmwaredell:inspiron_27_7720_all-in-onedell:inspiron_27_7720_all-in-one_firmwaredell:inspiron_3020_desktopdell:inspiron_3020_desktop_firmwaredell:inspiron_3020_small_desktopdell:inspiron_3020_small_desktop_firmwaredell:inspiron_3493dell:inspiron_3493_firmwaredell:inspiron_3511dell:inspiron_3511_firmwaredell:inspiron_3593dell:inspiron_3593_firmwaredell:inspiron_3793dell:inspiron_3793_firmwaredell:inspiron_3891dell:inspiron_3891_firmwaredell:inspiron_3910dell:inspiron_3910_firmwaredell:inspiron_5410dell:inspiron_5410_firmwaredell:inspiron_5493dell:inspiron_5493_firmwaredell:inspiron_5593dell:inspiron_5593_firmwaredell:inspiron_7300_2-in-1dell:inspiron_7300_2-in-1_firmwaredell:inspiron_7490dell:inspiron_7490_firmwaredell:inspiron_7500dell:inspiron_7500_2-in-1_blackdell:inspiron_7500_2-in-1_black_firmwaredell:inspiron_7500_firmwaredell:inspiron_7501dell:inspiron_7501_firmwaredell:inspiron_7510dell:inspiron_7510_firmwaredell:inspiron_7610dell:inspiron_7610_firmwaredell:latitude_3140dell:latitude_3140_firmwaredell:latitude_3301dell:latitude_3301_firmwaredell:latitude_3320dell:latitude_3320_firmwaredell:latitude_3330dell:latitude_3330_firmwaredell:latitude_3340dell:latitude_3340_firmwaredell:latitude_3400dell:latitude_3400_firmwaredell:latitude_3430dell:latitude_3430_firmwaredell:latitude_3440dell:latitude_3440_firmwaredell:latitude_3500dell:latitude_3500_firmwaredell:latitude_3530dell:latitude_3530_firmwaredell:latitude_3540dell:latitude_3540_firmwaredell:latitude_5420dell:latitude_5420_firmwaredell:latitude_5430dell:latitude_5430_firmwaredell:latitude_5431dell:latitude_5431_firmwaredell:latitude_7230_rugged_extreme_tabletdell:latitude_7230_rugged_extreme_tablet_firmwaredell:latitude_7320dell:latitude_7320_firmwaredell:latitude_7420dell:latitude_7420_firmwaredell:latitude_7520dell:latitude_7520_firmwaredell:latitude_9330dell:latitude_9330_firmwaredell:latitude_9520dell:latitude_9520_firmwaredell:latitude_rugged_5430dell:latitude_rugged_5430_firmwaredell:latitude_rugged_7330dell:latitude_rugged_7330_firmwaredell:optiplex_3000dell:optiplex_3000_firmwaredell:optiplex_3000_thin_clientdell:optiplex_3000_thin_client_firmwaredell:optiplex_5000dell:optiplex_5000_firmwaredell:optiplex_5090dell:optiplex_5090_firmwaredell:optiplex_5400_all-in-onedell:optiplex_5400_all-in-one_firmwaredell:optiplex_5490_all-in-onedell:optiplex_5490_all-in-one_firmwaredell:optiplex_7000dell:optiplex_7000_firmwaredell:optiplex_7090dell:optiplex_7090_firmwaredell:optiplex_7400_all-in-onedell:optiplex_7400_all-in-one_firmwaredell:optiplex_7410_all-in-onedell:optiplex_7410_all-in-one_firmwaredell:optiplex_7490_all-in-onedell:optiplex_7490_all-in-one_firmwaredell:optiplex_micro_plus_7010dell:optiplex_micro_plus_7010_firmwaredell:optiplex_small_form_factor_plus_7010dell:optiplex_small_form_factor_plus_7010_firmwaredell:optiplex_tower_plus_7010dell:optiplex_tower_plus_7010_firmwaredell:optiplex_xe4dell:optiplex_xe4_firmwaredell:precision_3260_compactdell:precision_3260_compact_firmwaredell:precision_3260_xe_compactdell:precision_3260_xe_compact_firmwaredell:precision_3450dell:precision_3450_firmwaredell:precision_3460_small_form_factordell:precision_3460_small_form_factor_firmwaredell:precision_3460_xe_small_form_factordell:precision_3460_xe_small_form_factor_firmwaredell:precision_3470dell:precision_3470_firmwaredell:precision_3650_towerdell:precision_3650_tower_firmwaredell:precision_3660dell:precision_3660_firmwaredell:precision_5470dell:precision_5470_firmwaredell:precision_5570dell:precision_5570_firmwaredell:precision_5680dell:precision_5680_firmwaredell:precision_5860_towerdell:precision_5860_tower_firmwaredell:precision_7960_towerdell:precision_7960_tower_firmwaredell:vostro_3020_sffdell:vostro_3020_sff_firmwaredell:vostro_3020_tdell:vostro_3020_t_firmwaredell:vostro_3510dell:vostro_3510_firmwaredell:vostro_3690dell:vostro_3690_firmwaredell:vostro_3710dell:vostro_3710_firmwaredell:vostro_3890dell:vostro_3890_firmwaredell:vostro_3910dell:vostro_3910_firmwaredell:vostro_5410dell:vostro_5410_firmwaredell:vostro_5491dell:vostro_5491_firmwaredell:vostro_5510dell:vostro_5510_firmwaredell:vostro_5591dell:vostro_5591_firmwaredell:vostro_5890dell:vostro_5890_firmwaredell:vostro_7500dell:vostro_7500_firmwaredell:vostro_7510dell:vostro_7510_firmwaredell:xps_13_7390dell:xps_13_7390_2-in-1dell:xps_13_7390_2-in-1_firmwaredell:xps_13_7390_firmwaredell:xps_13_9300dell:xps_13_9300_firmwaredell:xps_13_9305dell:xps_13_9305_firmwaredell:xps_13_9310dell:xps_13_9310_2-in-1dell:xps_13_9310_2-in-1_firmwaredell:xps_13_9310_firmwaredell:xps_13_9315dell:xps_13_9315_firmwaredell:xps_15_9520dell:xps_15_9520_firmware

Faiblesses (CWE)

CWE-287

References

https://www.dell.com/support/kbdoc/en-us/000215217/dsa-2023-190-dell-client-bios(security_alert@emc.com)

https://www.dell.com/support/kbdoc/en-us/000215217/dsa-2023-190-dell-client-bios(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.