Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32453

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.

Published

2023-08-16T20:15:09.560

Last Modified

2024-11-21T08:03:22.940

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.6 (MEDIUM)

Weaknesses

Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	alienware_m15_r7_firmware	< 1.18.0	Yes
Hardware	dell	alienware_m15_r7	-	No
Operating System	dell	alienware_m16_firmware	< 1.10.1	Yes
Hardware	dell	alienware_m16	-	No
Operating System	dell	alienware_m18_firmware	< 1.10.1	Yes
Hardware	dell	alienware_m18	-	No
Operating System	dell	chengming_3900_firmware	< 1.15.0	Yes
Hardware	dell	chengming_3900	-	No
Operating System	dell	chengming_3901_firmware	< 1.15.0	Yes
Hardware	dell	chengming_3901	-	No
Operating System	dell	chengming_3910_firmware	< 1.6.0	Yes
Hardware	dell	chengming_3910	-	No
Operating System	dell	chengming_3911_firmware	< 1.6.0	Yes
Hardware	dell	chengming_3911	-	No
Operating System	dell	g15_5520_firmware	< 1.18.0	Yes
Hardware	dell	g15_5520	-	No
Operating System	dell	g16_7620_firmware	< 1.18.0	Yes
Hardware	dell	g16_7620	-	No
Operating System	dell	g3_3500_firmware	< 1.26.0	Yes
Hardware	dell	g3_3500	-	No
Operating System	dell	g5_15_5500_firmware	< 1.26.0	Yes
Hardware	dell	g5_15_5500	-	No
Operating System	dell	g7_15_7500_firmware	< 1.26.0	Yes
Hardware	dell	g7_15_7500	-	No
Operating System	dell	g7_17_7700_firmware	< 1.26.0	Yes
Hardware	dell	g7_17_7700	-	No
Operating System	dell	precision_5680_firmware	< 1.4.1	Yes
Hardware	dell	precision_5680	-	No
Operating System	dell	inspiron_14_5410_firmware	< 2.20.0	Yes
Hardware	dell	inspiron_14_5410	-	No
Operating System	dell	inspiron_14_5418_firmware	< 2.20.0	Yes
Hardware	dell	inspiron_14_5418	-	No
Operating System	dell	inspiron_15_3511_firmware	< 1.23.0	Yes
Hardware	dell	inspiron_15_3511	-	No
Operating System	dell	inspiron_15_5510_firmware	< 2.20.0	Yes
Hardware	dell	inspiron_15_5510	-	No
Operating System	dell	inspiron_15_5518_firmware	< 2.20.0	Yes
Hardware	dell	inspiron_15_5518	-	No
Operating System	dell	inspiron_24_5420_all-in-one_firmware	< 1.4.0	Yes
Hardware	dell	inspiron_24_5420_all-in-one	-	No
Operating System	dell	inspiron_24_5421_all-in-one_firmware	< 1.4.0	Yes
Hardware	dell	inspiron_24_5421_all-in-one	-	No
Operating System	dell	inspiron_27_7720_all-in-one_firmware	< 1.4.0	Yes
Hardware	dell	inspiron_27_7720_all-in-one	-	No
Operating System	dell	inspiron_3020_small_desktop_firmware	≤ 1.6.0	Yes
Hardware	dell	inspiron_3020_small_desktop	-	No
Operating System	dell	inspiron_3020_desktop_firmware	< 1.6.0	Yes
Hardware	dell	inspiron_3020_desktop	-	No
Operating System	dell	inspiron_3493_firmware	< 1.27.0	Yes
Hardware	dell	inspiron_3493	-	No
Operating System	dell	inspiron_3511_firmware	< 1.23.0	Yes
Hardware	dell	inspiron_3511	-	No
Operating System	dell	inspiron_3593_firmware	< 1.27.0	Yes
Hardware	dell	inspiron_3593	-	No
Operating System	dell	inspiron_3793_firmware	< 1.27.0	Yes
Hardware	dell	inspiron_3793	-	No
Operating System	dell	inspiron_3891_firmware	< 1.19.0	Yes
Hardware	dell	inspiron_3891	-	No
Operating System	dell	inspiron_3910_firmware	< 1.15.0	Yes
Hardware	dell	inspiron_3910	-	No
Operating System	dell	inspiron_5410_firmware	< 2.20.0	Yes
Hardware	dell	inspiron_5410	-	No
Operating System	dell	inspiron_5493_firmware	< 1.27.0	Yes
Hardware	dell	inspiron_5493	-	No
Operating System	dell	inspiron_5593_firmware	< 1.27.0	Yes
Hardware	dell	inspiron_5593	-	No
Operating System	dell	inspiron_7300_2-in-1_firmware	< 1.19.0	Yes
Hardware	dell	inspiron_7300_2-in-1	-	No
Operating System	dell	inspiron_7490_firmware	< 1.22.0	Yes
Hardware	dell	inspiron_7490	-	No
Operating System	dell	inspiron_7500_firmware	< 1.24.0	Yes
Hardware	dell	inspiron_7500	-	No
Operating System	dell	inspiron_7500_2-in-1_black_firmware	< 1.19.0	Yes
Hardware	dell	inspiron_7500_2-in-1_black	-	No
Operating System	dell	inspiron_7501_firmware	< 1.24.0	Yes
Hardware	dell	inspiron_7501	-	No
Operating System	dell	inspiron_7510_firmware	< 1.17.0	Yes
Hardware	dell	inspiron_7510	-	No
Operating System	dell	inspiron_7610_firmware	< 1.17.0	Yes
Hardware	dell	inspiron_7610	-	No
Operating System	dell	latitude_3140_firmware	< 1.8.0	Yes
Hardware	dell	latitude_3140	-	No
Operating System	dell	latitude_3301_firmware	< 1.27.0	Yes
Hardware	dell	latitude_3301	-	No
Operating System	dell	latitude_3320_firmware	< 1.23.0	Yes
Hardware	dell	latitude_3320	-	No
Operating System	dell	latitude_3330_firmware	< 1.15.0	Yes
Hardware	dell	latitude_3330	-	No
Operating System	dell	latitude_3340_firmware	< 1.6.0	Yes
Hardware	dell	latitude_3340	-	No
Operating System	dell	latitude_3400_firmware	< 1.29.0	Yes
Hardware	dell	latitude_3400	-	No
Operating System	dell	latitude_3430_firmware	< 1.12.0	Yes
Hardware	dell	latitude_3430	-	No
Operating System	dell	latitude_3440_firmware	< 1.6.0	Yes
Hardware	dell	latitude_3440	-	No
Operating System	dell	latitude_3500_firmware	< 1.29.0	Yes
Hardware	dell	latitude_3500	-	No
Operating System	dell	latitude_3530_firmware	< 1.12.0	Yes
Hardware	dell	latitude_3530	-	No
Operating System	dell	latitude_3540_firmware	< 1.6.0	Yes
Hardware	dell	latitude_3540	-	No
Operating System	dell	latitude_5420_firmware	< 1.30.0	Yes
Hardware	dell	latitude_5420	-	No
Operating System	dell	latitude_5430_firmware	< 1.15.0	Yes
Hardware	dell	latitude_5430	-	No
Operating System	dell	latitude_5431_firmware	< 1.15.0	Yes
Hardware	dell	latitude_5431	-	No
Operating System	dell	latitude_7230_rugged_extreme_tablet_firmware	< 1.8.0	Yes
Hardware	dell	latitude_7230_rugged_extreme_tablet	-	No
Operating System	dell	latitude_7320_firmware	< 1.28.0	Yes
Hardware	dell	latitude_7320	-	No
Operating System	dell	latitude_7420_firmware	< 1.28.0	Yes
Hardware	dell	latitude_7420	-	No
Operating System	dell	latitude_7520_firmware	< 1.28.0	Yes
Hardware	dell	latitude_7520	-	No
Operating System	dell	latitude_9330_firmware	< 1.13.0	Yes
Hardware	dell	latitude_9330	-	No
Operating System	dell	latitude_9520_firmware	< 1.24.0	Yes
Hardware	dell	latitude_9520	-	No
Operating System	dell	latitude_rugged_5430_firmware	< 1.20.0	Yes
Hardware	dell	latitude_rugged_5430	-	No
Operating System	dell	latitude_rugged_7330_firmware	< 1.20.0	Yes
Hardware	dell	latitude_rugged_7330	-	No
Operating System	dell	optiplex_3000_firmware	< 1.15.0	Yes
Hardware	dell	optiplex_3000	-	No
Operating System	dell	optiplex_3000_thin_client_firmware	< 1.11.0	Yes
Hardware	dell	optiplex_3000_thin_client	-	No
Operating System	dell	optiplex_5000_firmware	< 1.15.0	Yes
Hardware	dell	optiplex_5000	-	No
Operating System	dell	optiplex_5090_firmware	< 1.19.0	Yes
Hardware	dell	optiplex_5090	-	No
Operating System	dell	optiplex_5400_all-in-one_firmware	< 1.1.30	Yes
Hardware	dell	optiplex_5400_all-in-one	-	No
Operating System	dell	optiplex_5490_all-in-one_firmware	< 1.23.0	Yes
Hardware	dell	optiplex_5490_all-in-one	-	No
Operating System	dell	optiplex_7000_firmware	< 1.15.0	Yes
Hardware	dell	optiplex_7000	-	No
Operating System	dell	optiplex_7090_firmware	< 1.19.0	Yes
Hardware	dell	optiplex_7090	-	No
Operating System	dell	optiplex_7400_all-in-one_firmware	< 1.1.30	Yes
Hardware	dell	optiplex_7400_all-in-one	-	No
Operating System	dell	optiplex_7490_all-in-one_firmware	< 1.23.0	Yes
Hardware	dell	optiplex_7490_all-in-one	-	No
Operating System	dell	optiplex_7410_all-in-one_firmware	< 1.6.0	Yes
Hardware	dell	optiplex_7410_all-in-one	-	No
Operating System	dell	optiplex_micro_plus_7010_firmware	< 1.6.0	Yes
Hardware	dell	optiplex_micro_plus_7010	-	No
Operating System	dell	optiplex_small_form_factor_plus_7010_firmware	< 1.6.0	Yes
Hardware	dell	optiplex_small_form_factor_plus_7010	-	No
Operating System	dell	optiplex_tower_plus_7010_firmware	< 1.6.0	Yes
Hardware	dell	optiplex_tower_plus_7010	-	No
Operating System	dell	optiplex_xe4_firmware	< 1.15.0	Yes
Hardware	dell	optiplex_xe4	-	No
Operating System	dell	precision_3260_xe_compact_firmware	< 2.7.0	Yes
Hardware	dell	precision_3260_xe_compact	-	No
Operating System	dell	precision_3260_compact_firmware	< 2.7.0	Yes
Hardware	dell	precision_3260_compact	-	No
Operating System	dell	precision_3450_firmware	< 1.19.0	Yes
Hardware	dell	precision_3450	-	No
Operating System	dell	precision_3460_xe_small_form_factor_firmware	< 2.7.0	Yes
Hardware	dell	precision_3460_xe_small_form_factor	-	No
Operating System	dell	precision_3460_small_form_factor_firmware	< 2.7.0	Yes
Hardware	dell	precision_3460_small_form_factor	-	No
Operating System	dell	precision_3470_firmware	< 1.15.0	Yes
Hardware	dell	precision_3470	-	No
Operating System	dell	precision_3650_tower_firmware	< 1.24.0	Yes
Hardware	dell	precision_3650_tower	-	No
Operating System	dell	precision_3660_firmware	< 2.7.0	Yes
Hardware	dell	precision_3660	-	No
Operating System	dell	precision_5470_firmware	< 1.15.0	Yes
Hardware	dell	precision_5470	-	No
Operating System	dell	precision_5570_firmware	< 1.16.0	Yes
Hardware	dell	precision_5570	-	No
Operating System	dell	precision_5860_tower_firmware	< 1.0.10	Yes
Hardware	dell	precision_5860_tower	-	No
Operating System	dell	precision_7960_tower_firmware	< 1.0.9	Yes
Hardware	dell	precision_7960_tower	-	No
Operating System	dell	vostro_3020_sff_firmware	< 1.6.0	Yes
Hardware	dell	vostro_3020_sff	-	No
Operating System	dell	vostro_3020_t_firmware	< 1.6.0	Yes
Hardware	dell	vostro_3020_t	-	No
Operating System	dell	vostro_3510_firmware	< 1.23.0	Yes
Hardware	dell	vostro_3510	-	No
Operating System	dell	vostro_3690_firmware	< 1.19.0	Yes
Hardware	dell	vostro_3690	-	No
Operating System	dell	vostro_3710_firmware	< 1.15.0	Yes
Hardware	dell	vostro_3710	-	No
Operating System	dell	vostro_3890_firmware	< 1.19.0	Yes
Hardware	dell	vostro_3890	-	No
Operating System	dell	vostro_3910_firmware	< 1.15.0	Yes
Hardware	dell	vostro_3910	-	No
Operating System	dell	vostro_5410_firmware	< 2.20.0	Yes
Hardware	dell	vostro_5410	-	No
Operating System	dell	vostro_5491_firmware	< 1.27.0	Yes
Hardware	dell	vostro_5491	-	No
Operating System	dell	vostro_5510_firmware	< 2.20.0	Yes
Hardware	dell	vostro_5510	-	No
Operating System	dell	vostro_5591_firmware	< 1.27.0	Yes
Hardware	dell	vostro_5591	-	No
Operating System	dell	vostro_5890_firmware	< 1.19.0	Yes
Hardware	dell	vostro_5890	-	No
Operating System	dell	vostro_7500_firmware	< 1.24.0	Yes
Hardware	dell	vostro_7500	-	No
Operating System	dell	vostro_7510_firmware	< 1.17.0	Yes
Hardware	dell	vostro_7510	-	No
Operating System	dell	xps_13_9305_firmware	< 1.16.0	Yes
Hardware	dell	xps_13_9305	-	No
Operating System	dell	xps_13_7390_firmware	< 1.21.0	Yes
Hardware	dell	xps_13_7390	-	No
Operating System	dell	xps_13_7390_2-in-1_firmware	< 1.26.0	Yes
Hardware	dell	xps_13_7390_2-in-1	-	No
Operating System	dell	xps_13_9300_firmware	< 1.19.0	Yes
Hardware	dell	xps_13_9300	-	No
Operating System	dell	xps_13_9310_firmware	< 3.17.0	Yes
Hardware	dell	xps_13_9310	-	No
Operating System	dell	xps_13_9310_2-in-1_firmware	< 2.19.0	Yes
Hardware	dell	xps_13_9310_2-in-1	-	No
Operating System	dell	xps_13_9315_firmware	< 1.13.0	Yes
Hardware	dell	xps_13_9315	-	No
Operating System	dell	xps_15_9520_firmware	< 1.16.0	Yes
Hardware	dell	xps_15_9520	-	No

References

https://www.dell.com/support/kbdoc/en-us/000215217/dsa-2023-190-dell-client-bios Vendor Advisory ([email protected])
https://www.dell.com/support/kbdoc/en-us/000215217/dsa-2023-190-dell-client-bios Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)