Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32453

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 4.6, with relatively low complexity without requiring user interaction . The vulnerability impacts integrity (unauthorized modifications), and limited availability for affected systems. Impacting 222 products from dell, from dell, from dell and 219 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2023, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2023-08-16T20:15:09.560

Last Modified

2024-11-21T08:03:22.940

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.6 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-287
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System dell alienware_m15_r7_firmware < 1.18.0 Yes
Hardware dell alienware_m15_r7 - No
Operating System dell alienware_m16_firmware < 1.10.1 Yes
Hardware dell alienware_m16 - No
Operating System dell alienware_m18_firmware < 1.10.1 Yes
Hardware dell alienware_m18 - No
Operating System dell chengming_3900_firmware < 1.15.0 Yes
Hardware dell chengming_3900 - No
Operating System dell chengming_3901_firmware < 1.15.0 Yes
Hardware dell chengming_3901 - No
Operating System dell chengming_3910_firmware < 1.6.0 Yes
Hardware dell chengming_3910 - No
Operating System dell chengming_3911_firmware < 1.6.0 Yes
Hardware dell chengming_3911 - No
Operating System dell g15_5520_firmware < 1.18.0 Yes
Hardware dell g15_5520 - No
Operating System dell g16_7620_firmware < 1.18.0 Yes
Hardware dell g16_7620 - No
Operating System dell g3_3500_firmware < 1.26.0 Yes
Hardware dell g3_3500 - No
Operating System dell g5_15_5500_firmware < 1.26.0 Yes
Hardware dell g5_15_5500 - No
Operating System dell g7_15_7500_firmware < 1.26.0 Yes
Hardware dell g7_15_7500 - No
Operating System dell g7_17_7700_firmware < 1.26.0 Yes
Hardware dell g7_17_7700 - No
Operating System dell precision_5680_firmware < 1.4.1 Yes
Hardware dell precision_5680 - No
Operating System dell inspiron_14_5410_firmware < 2.20.0 Yes
Hardware dell inspiron_14_5410 - No
Operating System dell inspiron_14_5418_firmware < 2.20.0 Yes
Hardware dell inspiron_14_5418 - No
Operating System dell inspiron_15_3511_firmware < 1.23.0 Yes
Hardware dell inspiron_15_3511 - No
Operating System dell inspiron_15_5510_firmware < 2.20.0 Yes
Hardware dell inspiron_15_5510 - No
Operating System dell inspiron_15_5518_firmware < 2.20.0 Yes
Hardware dell inspiron_15_5518 - No
Operating System dell inspiron_24_5420_all-in-one_firmware < 1.4.0 Yes
Hardware dell inspiron_24_5420_all-in-one - No
Operating System dell inspiron_24_5421_all-in-one_firmware < 1.4.0 Yes
Hardware dell inspiron_24_5421_all-in-one - No
Operating System dell inspiron_27_7720_all-in-one_firmware < 1.4.0 Yes
Hardware dell inspiron_27_7720_all-in-one - No
Operating System dell inspiron_3020_small_desktop_firmware ≤ 1.6.0 Yes
Hardware dell inspiron_3020_small_desktop - No
Operating System dell inspiron_3020_desktop_firmware < 1.6.0 Yes
Hardware dell inspiron_3020_desktop - No
Operating System dell inspiron_3493_firmware < 1.27.0 Yes
Hardware dell inspiron_3493 - No
Operating System dell inspiron_3511_firmware < 1.23.0 Yes
Hardware dell inspiron_3511 - No
Operating System dell inspiron_3593_firmware < 1.27.0 Yes
Hardware dell inspiron_3593 - No
Operating System dell inspiron_3793_firmware < 1.27.0 Yes
Hardware dell inspiron_3793 - No
Operating System dell inspiron_3891_firmware < 1.19.0 Yes
Hardware dell inspiron_3891 - No
Operating System dell inspiron_3910_firmware < 1.15.0 Yes
Hardware dell inspiron_3910 - No
Operating System dell inspiron_5410_firmware < 2.20.0 Yes
Hardware dell inspiron_5410 - No
Operating System dell inspiron_5493_firmware < 1.27.0 Yes
Hardware dell inspiron_5493 - No
Operating System dell inspiron_5593_firmware < 1.27.0 Yes
Hardware dell inspiron_5593 - No
Operating System dell inspiron_7300_2-in-1_firmware < 1.19.0 Yes
Hardware dell inspiron_7300_2-in-1 - No
Operating System dell inspiron_7490_firmware < 1.22.0 Yes
Hardware dell inspiron_7490 - No
Operating System dell inspiron_7500_firmware < 1.24.0 Yes
Hardware dell inspiron_7500 - No
Operating System dell inspiron_7500_2-in-1_black_firmware < 1.19.0 Yes
Hardware dell inspiron_7500_2-in-1_black - No
Operating System dell inspiron_7501_firmware < 1.24.0 Yes
Hardware dell inspiron_7501 - No
Operating System dell inspiron_7510_firmware < 1.17.0 Yes
Hardware dell inspiron_7510 - No
Operating System dell inspiron_7610_firmware < 1.17.0 Yes
Hardware dell inspiron_7610 - No
Operating System dell latitude_3140_firmware < 1.8.0 Yes
Hardware dell latitude_3140 - No
Operating System dell latitude_3301_firmware < 1.27.0 Yes
Hardware dell latitude_3301 - No
Operating System dell latitude_3320_firmware < 1.23.0 Yes
Hardware dell latitude_3320 - No
Operating System dell latitude_3330_firmware < 1.15.0 Yes
Hardware dell latitude_3330 - No
Operating System dell latitude_3340_firmware < 1.6.0 Yes
Hardware dell latitude_3340 - No
Operating System dell latitude_3400_firmware < 1.29.0 Yes
Hardware dell latitude_3400 - No
Operating System dell latitude_3430_firmware < 1.12.0 Yes
Hardware dell latitude_3430 - No
Operating System dell latitude_3440_firmware < 1.6.0 Yes
Hardware dell latitude_3440 - No
Operating System dell latitude_3500_firmware < 1.29.0 Yes
Hardware dell latitude_3500 - No
Operating System dell latitude_3530_firmware < 1.12.0 Yes
Hardware dell latitude_3530 - No
Operating System dell latitude_3540_firmware < 1.6.0 Yes
Hardware dell latitude_3540 - No
Operating System dell latitude_5420_firmware < 1.30.0 Yes
Hardware dell latitude_5420 - No
Operating System dell latitude_5430_firmware < 1.15.0 Yes
Hardware dell latitude_5430 - No
Operating System dell latitude_5431_firmware < 1.15.0 Yes
Hardware dell latitude_5431 - No
Operating System dell latitude_7230_rugged_extreme_tablet_firmware < 1.8.0 Yes
Hardware dell latitude_7230_rugged_extreme_tablet - No
Operating System dell latitude_7320_firmware < 1.28.0 Yes
Hardware dell latitude_7320 - No
Operating System dell latitude_7420_firmware < 1.28.0 Yes
Hardware dell latitude_7420 - No
Operating System dell latitude_7520_firmware < 1.28.0 Yes
Hardware dell latitude_7520 - No
Operating System dell latitude_9330_firmware < 1.13.0 Yes
Hardware dell latitude_9330 - No
Operating System dell latitude_9520_firmware < 1.24.0 Yes
Hardware dell latitude_9520 - No
Operating System dell latitude_rugged_5430_firmware < 1.20.0 Yes
Hardware dell latitude_rugged_5430 - No
Operating System dell latitude_rugged_7330_firmware < 1.20.0 Yes
Hardware dell latitude_rugged_7330 - No
Operating System dell optiplex_3000_firmware < 1.15.0 Yes
Hardware dell optiplex_3000 - No
Operating System dell optiplex_3000_thin_client_firmware < 1.11.0 Yes
Hardware dell optiplex_3000_thin_client - No
Operating System dell optiplex_5000_firmware < 1.15.0 Yes
Hardware dell optiplex_5000 - No
Operating System dell optiplex_5090_firmware < 1.19.0 Yes
Hardware dell optiplex_5090 - No
Operating System dell optiplex_5400_all-in-one_firmware < 1.1.30 Yes
Hardware dell optiplex_5400_all-in-one - No
Operating System dell optiplex_5490_all-in-one_firmware < 1.23.0 Yes
Hardware dell optiplex_5490_all-in-one - No
Operating System dell optiplex_7000_firmware < 1.15.0 Yes
Hardware dell optiplex_7000 - No
Operating System dell optiplex_7090_firmware < 1.19.0 Yes
Hardware dell optiplex_7090 - No
Operating System dell optiplex_7400_all-in-one_firmware < 1.1.30 Yes
Hardware dell optiplex_7400_all-in-one - No
Operating System dell optiplex_7490_all-in-one_firmware < 1.23.0 Yes
Hardware dell optiplex_7490_all-in-one - No
Operating System dell optiplex_7410_all-in-one_firmware < 1.6.0 Yes
Hardware dell optiplex_7410_all-in-one - No
Operating System dell optiplex_micro_plus_7010_firmware < 1.6.0 Yes
Hardware dell optiplex_micro_plus_7010 - No
Operating System dell optiplex_small_form_factor_plus_7010_firmware < 1.6.0 Yes
Hardware dell optiplex_small_form_factor_plus_7010 - No
Operating System dell optiplex_tower_plus_7010_firmware < 1.6.0 Yes
Hardware dell optiplex_tower_plus_7010 - No
Operating System dell optiplex_xe4_firmware < 1.15.0 Yes
Hardware dell optiplex_xe4 - No
Operating System dell precision_3260_xe_compact_firmware < 2.7.0 Yes
Hardware dell precision_3260_xe_compact - No
Operating System dell precision_3260_compact_firmware < 2.7.0 Yes
Hardware dell precision_3260_compact - No
Operating System dell precision_3450_firmware < 1.19.0 Yes
Hardware dell precision_3450 - No
Operating System dell precision_3460_xe_small_form_factor_firmware < 2.7.0 Yes
Hardware dell precision_3460_xe_small_form_factor - No
Operating System dell precision_3460_small_form_factor_firmware < 2.7.0 Yes
Hardware dell precision_3460_small_form_factor - No
Operating System dell precision_3470_firmware < 1.15.0 Yes
Hardware dell precision_3470 - No
Operating System dell precision_3650_tower_firmware < 1.24.0 Yes
Hardware dell precision_3650_tower - No
Operating System dell precision_3660_firmware < 2.7.0 Yes
Hardware dell precision_3660 - No
Operating System dell precision_5470_firmware < 1.15.0 Yes
Hardware dell precision_5470 - No
Operating System dell precision_5570_firmware < 1.16.0 Yes
Hardware dell precision_5570 - No
Operating System dell precision_5860_tower_firmware < 1.0.10 Yes
Hardware dell precision_5860_tower - No
Operating System dell precision_7960_tower_firmware < 1.0.9 Yes
Hardware dell precision_7960_tower - No
Operating System dell vostro_3020_sff_firmware < 1.6.0 Yes
Hardware dell vostro_3020_sff - No
Operating System dell vostro_3020_t_firmware < 1.6.0 Yes
Hardware dell vostro_3020_t - No
Operating System dell vostro_3510_firmware < 1.23.0 Yes
Hardware dell vostro_3510 - No
Operating System dell vostro_3690_firmware < 1.19.0 Yes
Hardware dell vostro_3690 - No
Operating System dell vostro_3710_firmware < 1.15.0 Yes
Hardware dell vostro_3710 - No
Operating System dell vostro_3890_firmware < 1.19.0 Yes
Hardware dell vostro_3890 - No
Operating System dell vostro_3910_firmware < 1.15.0 Yes
Hardware dell vostro_3910 - No
Operating System dell vostro_5410_firmware < 2.20.0 Yes
Hardware dell vostro_5410 - No
Operating System dell vostro_5491_firmware < 1.27.0 Yes
Hardware dell vostro_5491 - No
Operating System dell vostro_5510_firmware < 2.20.0 Yes
Hardware dell vostro_5510 - No
Operating System dell vostro_5591_firmware < 1.27.0 Yes
Hardware dell vostro_5591 - No
Operating System dell vostro_5890_firmware < 1.19.0 Yes
Hardware dell vostro_5890 - No
Operating System dell vostro_7500_firmware < 1.24.0 Yes
Hardware dell vostro_7500 - No
Operating System dell vostro_7510_firmware < 1.17.0 Yes
Hardware dell vostro_7510 - No
Operating System dell xps_13_9305_firmware < 1.16.0 Yes
Hardware dell xps_13_9305 - No
Operating System dell xps_13_7390_firmware < 1.21.0 Yes
Hardware dell xps_13_7390 - No
Operating System dell xps_13_7390_2-in-1_firmware < 1.26.0 Yes
Hardware dell xps_13_7390_2-in-1 - No
Operating System dell xps_13_9300_firmware < 1.19.0 Yes
Hardware dell xps_13_9300 - No
Operating System dell xps_13_9310_firmware < 3.17.0 Yes
Hardware dell xps_13_9310 - No
Operating System dell xps_13_9310_2-in-1_firmware < 2.19.0 Yes
Hardware dell xps_13_9310_2-in-1 - No
Operating System dell xps_13_9315_firmware < 1.13.0 Yes
Hardware dell xps_13_9315 - No
Operating System dell xps_15_9520_firmware < 1.16.0 Yes
Hardware dell xps_15_9520 - No
References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For dell's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.