Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32461

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.

Published

2023-09-15T07:15:09.550

Last Modified

2024-11-21T08:03:23.967

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.0 (MEDIUM)

Weaknesses

Type: Primary
CWE-122

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	poweredge_r660_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_r660	-	No
Operating System	dell	poweredge_r760_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_r760	-	No
Operating System	dell	poweredge_c6620_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_c6620	-	No
Operating System	dell	poweredge_mx760c_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_mx760c	-	No
Operating System	dell	poweredge_r860_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_r860	-	No
Operating System	dell	poweredge_r960_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_r960	-	No
Operating System	dell	poweredge_hs5610_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_hs5610	-	No
Operating System	dell	poweredge_hs5620_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_hs5620	-	No
Operating System	dell	poweredge_r660xs_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_r660xs	-	No
Operating System	dell	poweredge_r760xs_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_r760xs	-	No
Operating System	dell	poweredge_r760xd2_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_r760xd2	-	No
Operating System	dell	poweredge_t560_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_t560	-	No
Operating System	dell	poweredge_r760xa_firmware	< 1.1.3	Yes
Hardware	dell	poweredge_r760xa	-	No
Operating System	dell	poweredge_xe9680_firmware	< 1.1.3	Yes
Hardware	dell	poweredge_xe9680	-	No
Operating System	dell	poweredge_xr5610_firmware	< 1.1.4	Yes
Hardware	dell	poweredge_xr5610	-	No
Operating System	dell	poweredge_xr8620t_firmware	< 1.1.3	Yes
Hardware	dell	poweredge_xr8620t	-	No
Operating System	dell	poweredge_xr7620_firmware	< 1.5.6	Yes
Hardware	dell	poweredge_xr7620	-	No
Operating System	dell	poweredge_xe8640_firmware	< 1.2.5	Yes
Hardware	dell	poweredge_xe8640	-	No
Operating System	dell	poweredge_r6615_firmware	< 1.3.11	Yes
Hardware	dell	poweredge_r6615	-	No
Operating System	dell	poweredge_r7615_firmware	< 1.3.11	Yes
Hardware	dell	poweredge_r7615	-	No
Operating System	dell	poweredge_r6625_firmware	< 1.3.11	Yes
Hardware	dell	poweredge_r6625	-	No
Operating System	dell	poweredge_r7625_firmware	< 1.3.11	Yes
Hardware	dell	poweredge_r7625	-	No
Operating System	dell	poweredge_r650_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_r650	-	No
Operating System	dell	poweredge_r750_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_r750	-	No
Operating System	dell	poweredge_r750xa_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_r750xa	-	No
Operating System	dell	poweredge_c6520_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_c6520	-	No
Operating System	dell	poweredge_mx750c_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_mx750c	-	No
Operating System	dell	poweredge_r550_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_r550	-	No
Operating System	dell	poweredge_r450_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_r450	-	No
Operating System	dell	poweredge_r650xs_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_r650xs	-	No
Operating System	dell	poweredge_r750xs_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_r750xs	-	No
Operating System	dell	poweredge_t550_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_t550	-	No
Operating System	dell	poweredge_xr11_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_xr11	-	No
Operating System	dell	poweredge_xr12_firmware	< 1.10.2	Yes
Hardware	dell	poweredge_xr12	-	No
Operating System	dell	poweredge_t150_firmware	< 1.6.3	Yes
Hardware	dell	poweredge_t150	-	No
Operating System	dell	poweredge_t350_firmware	< 1.6.3	Yes
Hardware	dell	poweredge_t350	-	No
Operating System	dell	poweredge_r250_firmware	< 1.6.3	Yes
Hardware	dell	poweredge_r250	-	No
Operating System	dell	poweredge_r350_firmware	< 1.6.3	Yes
Hardware	dell	poweredge_r350	-	No
Operating System	dell	poweredge_xr4510c_firmware	< 1.10.4	Yes
Hardware	dell	poweredge_xr4510c	-	No
Operating System	dell	poweredge_xr4520c_firmware	< 1.10.4	Yes
Operating System	dell	poweredge_xr4520c_firmware	1.10.4	Yes
Hardware	dell	poweredge_xr4520c	-	No
Operating System	dell	poweredge_r6515_firmware	< 2.11.4	Yes
Hardware	dell	poweredge_r6515	-	No
Operating System	dell	poweredge_r6525_firmware	< 2.11.3	Yes
Hardware	dell	poweredge_r6525	-	No
Operating System	dell	poweredge_r7515_firmware	< 2.11.4	Yes
Hardware	dell	poweredge_r7515	-	No
Operating System	dell	poweredge_r7525_firmware	< 2.11.3	Yes
Hardware	dell	poweredge_r7525	-	No
Operating System	dell	poweredge_c6525_firmware	< 2.11.3	Yes
Hardware	dell	poweredge_c6525	-	No
Operating System	dell	poweredge_xe8545_firmware	< 2.11.3	Yes
Hardware	dell	poweredge_xe8545	-	No
Operating System	dell	emc_xc_core_xc450_firmware	< 1.11.2	Yes
Hardware	dell	emc_xc_core_xc450	-	No
Operating System	dell	emc_xc_core_xc650_firmware	< 1.11.2	Yes
Hardware	dell	emc_xc_core_xc650	-	No
Operating System	dell	emc_xc_core_xc750_firmware	< 1.11.2	Yes
Hardware	dell	emc_xc_core_xc750	-	No
Operating System	dell	emc_xc_core_xc750xa_firmware	< 1.11.2	Yes
Hardware	dell	emc_xc_core_xc750xa	-	No
Operating System	dell	emc_xc_core_xc6520_firmware	< 1.11.2	Yes
Hardware	dell	emc_xc_core_xc6520	-	No
Operating System	dell	emc_xc_core_xc7525_firmware	< 2.11.3	Yes
Hardware	dell	emc_xc_core_xc7525	-	No

References

https://www.dell.com/support/kbdoc/en-us/000216543/dsa-2023-292-security-update-for-dell-poweredge-server-bios-vulnerability Vendor Advisory ([email protected])
https://www.dell.com/support/kbdoc/en-us/000216543/dsa-2023-292-security-update-for-dell-poweredge-server-bios-vulnerability Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)