Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32472

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.

Published

2024-07-10T03:15:02.193

Last Modified

2024-11-21T08:03:25.637

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.7 (MEDIUM)

Weaknesses

Type: Primary
CWE-787
Type: Secondary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	edge_gateway_3200_firmware	-	Yes
Hardware	dell	edge_gateway_3200	-	No
Operating System	dell	edge_gateway_5200_firmware	< 1.05.10	Yes
Hardware	dell	edge_gateway_5200	-	No

References

https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200 Vendor Advisory ([email protected])
https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)