Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32461

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.  

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 5.0, requiring local system access to exploit but requires specific conditions to be met without requiring user interaction . The vulnerability impacts limited data confidentiality, limited integrity, and limited availability for affected systems. Impacting 104 products from dell, from dell, from dell and 101 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2023, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2023-09-15T07:15:09.550

Last Modified

2024-11-21T08:03:23.967

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.0 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-122
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System dell poweredge_r660_firmware < 1.5.6 Yes
Hardware dell poweredge_r660 - No
Operating System dell poweredge_r760_firmware < 1.5.6 Yes
Hardware dell poweredge_r760 - No
Operating System dell poweredge_c6620_firmware < 1.5.6 Yes
Hardware dell poweredge_c6620 - No
Operating System dell poweredge_mx760c_firmware < 1.5.6 Yes
Hardware dell poweredge_mx760c - No
Operating System dell poweredge_r860_firmware < 1.5.6 Yes
Hardware dell poweredge_r860 - No
Operating System dell poweredge_r960_firmware < 1.5.6 Yes
Hardware dell poweredge_r960 - No
Operating System dell poweredge_hs5610_firmware < 1.5.6 Yes
Hardware dell poweredge_hs5610 - No
Operating System dell poweredge_hs5620_firmware < 1.5.6 Yes
Hardware dell poweredge_hs5620 - No
Operating System dell poweredge_r660xs_firmware < 1.5.6 Yes
Hardware dell poweredge_r660xs - No
Operating System dell poweredge_r760xs_firmware < 1.5.6 Yes
Hardware dell poweredge_r760xs - No
Operating System dell poweredge_r760xd2_firmware < 1.5.6 Yes
Hardware dell poweredge_r760xd2 - No
Operating System dell poweredge_t560_firmware < 1.5.6 Yes
Hardware dell poweredge_t560 - No
Operating System dell poweredge_r760xa_firmware < 1.1.3 Yes
Hardware dell poweredge_r760xa - No
Operating System dell poweredge_xe9680_firmware < 1.1.3 Yes
Hardware dell poweredge_xe9680 - No
Operating System dell poweredge_xr5610_firmware < 1.1.4 Yes
Hardware dell poweredge_xr5610 - No
Operating System dell poweredge_xr8620t_firmware < 1.1.3 Yes
Hardware dell poweredge_xr8620t - No
Operating System dell poweredge_xr7620_firmware < 1.5.6 Yes
Hardware dell poweredge_xr7620 - No
Operating System dell poweredge_xe8640_firmware < 1.2.5 Yes
Hardware dell poweredge_xe8640 - No
Operating System dell poweredge_r6615_firmware < 1.3.11 Yes
Hardware dell poweredge_r6615 - No
Operating System dell poweredge_r7615_firmware < 1.3.11 Yes
Hardware dell poweredge_r7615 - No
Operating System dell poweredge_r6625_firmware < 1.3.11 Yes
Hardware dell poweredge_r6625 - No
Operating System dell poweredge_r7625_firmware < 1.3.11 Yes
Hardware dell poweredge_r7625 - No
Operating System dell poweredge_r650_firmware < 1.10.2 Yes
Hardware dell poweredge_r650 - No
Operating System dell poweredge_r750_firmware < 1.10.2 Yes
Hardware dell poweredge_r750 - No
Operating System dell poweredge_r750xa_firmware < 1.10.2 Yes
Hardware dell poweredge_r750xa - No
Operating System dell poweredge_c6520_firmware < 1.10.2 Yes
Hardware dell poweredge_c6520 - No
Operating System dell poweredge_mx750c_firmware < 1.10.2 Yes
Hardware dell poweredge_mx750c - No
Operating System dell poweredge_r550_firmware < 1.10.2 Yes
Hardware dell poweredge_r550 - No
Operating System dell poweredge_r450_firmware < 1.10.2 Yes
Hardware dell poweredge_r450 - No
Operating System dell poweredge_r650xs_firmware < 1.10.2 Yes
Hardware dell poweredge_r650xs - No
Operating System dell poweredge_r750xs_firmware < 1.10.2 Yes
Hardware dell poweredge_r750xs - No
Operating System dell poweredge_t550_firmware < 1.10.2 Yes
Hardware dell poweredge_t550 - No
Operating System dell poweredge_xr11_firmware < 1.10.2 Yes
Hardware dell poweredge_xr11 - No
Operating System dell poweredge_xr12_firmware < 1.10.2 Yes
Hardware dell poweredge_xr12 - No
Operating System dell poweredge_t150_firmware < 1.6.3 Yes
Hardware dell poweredge_t150 - No
Operating System dell poweredge_t350_firmware < 1.6.3 Yes
Hardware dell poweredge_t350 - No
Operating System dell poweredge_r250_firmware < 1.6.3 Yes
Hardware dell poweredge_r250 - No
Operating System dell poweredge_r350_firmware < 1.6.3 Yes
Hardware dell poweredge_r350 - No
Operating System dell poweredge_xr4510c_firmware < 1.10.4 Yes
Hardware dell poweredge_xr4510c - No
Operating System dell poweredge_xr4520c_firmware < 1.10.4 Yes
Operating System dell poweredge_xr4520c_firmware 1.10.4 Yes
Hardware dell poweredge_xr4520c - No
Operating System dell poweredge_r6515_firmware < 2.11.4 Yes
Hardware dell poweredge_r6515 - No
Operating System dell poweredge_r6525_firmware < 2.11.3 Yes
Hardware dell poweredge_r6525 - No
Operating System dell poweredge_r7515_firmware < 2.11.4 Yes
Hardware dell poweredge_r7515 - No
Operating System dell poweredge_r7525_firmware < 2.11.3 Yes
Hardware dell poweredge_r7525 - No
Operating System dell poweredge_c6525_firmware < 2.11.3 Yes
Hardware dell poweredge_c6525 - No
Operating System dell poweredge_xe8545_firmware < 2.11.3 Yes
Hardware dell poweredge_xe8545 - No
Operating System dell emc_xc_core_xc450_firmware < 1.11.2 Yes
Hardware dell emc_xc_core_xc450 - No
Operating System dell emc_xc_core_xc650_firmware < 1.11.2 Yes
Hardware dell emc_xc_core_xc650 - No
Operating System dell emc_xc_core_xc750_firmware < 1.11.2 Yes
Hardware dell emc_xc_core_xc750 - No
Operating System dell emc_xc_core_xc750xa_firmware < 1.11.2 Yes
Hardware dell emc_xc_core_xc750xa - No
Operating System dell emc_xc_core_xc6520_firmware < 1.11.2 Yes
Hardware dell emc_xc_core_xc6520 - No
Operating System dell emc_xc_core_xc7525_firmware < 2.11.3 Yes
Hardware dell emc_xc_core_xc7525 - No
References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For dell's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.