CVE-2023-25537

{"id": "CVE-2023-25537", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.2, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-05-22T11:15:09.333", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000213550/dsa-2023-098-security-update-for-dell-poweredge-14g-server-bios-for-an-out-of-bounds-write-vulnerability", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}, {"url": "https://www.dell.com/support/kbdoc/en-us/000213550/dsa-2023-098-security-update-for-dell-poweredge-14g-server-bios-for-an-out-of-bounds-write-vulnerability", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "\nDell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.\n\n"}], "lastModified": "2024-11-21T07:49:41.453", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B37675EF-6040-4F8A-A5C2-44E715B8AD21", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r740:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE562535-3D9B-4A82-AC0D-6A2225E63E8D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60523971-FED3-440E-A82C-AF88D48DEA44", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r740xd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "868ECD3F-77CD-4F5D-86E5-61689E4C5BA0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E95A1EDC-D580-4976-8A54-EB5D1A992DBA", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r640:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "81416C16-D7FA-4165-BB0E-6458A4EA5AEE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "222DF748-DA7B-4DF2-868B-67E6674FAE7C", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r940:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B581E1DE-4E94-49E5-B5CF-2A94B2570708"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "947180B0-04CE-4BAE-BC7A-625656A90631", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r540:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "73B27F54-3CE3-4A5F-BBA1-2C6ED5316B47"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A142530D-DD9C-4EA5-BE09-10A8DDBBB957", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r440:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBC3957E-791A-4052-A9C4-F3ECBD746E37"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15D9902E-9BDF-4E56-9A72-FC2D84DDBB6F", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_t440:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "28F97F1A-B41E-4CC5-B668-8C194CE2C29E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF6D1AA1-7DC5-48B1-9A0D-D18101C66BB0", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_xr2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "88EC4390-C39F-4E56-9631-B8A22986690D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC4EC25A-5544-4B3F-B173-FF0A54FD9F39", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r740xd2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A5395D3F-58D4-49F9-AA2F-0D5C6D8C4651"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B1CF99B-0D79-4A02-B847-D32E473529FF", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r840:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E058B9C6-CD1C-42F5-8781-05450254E9E5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E901926A-84F1-4799-8B6F-1C8A481210A1", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r940xa:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D143853-3D62-4AD7-B899-F726036A34D2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A675F7CB-D3C3-4378-A322-1ED1299D05DC", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_t640:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1DEC0235-DDA1-4EE4-B3F8-512F1B29AFC6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF28AE6F-A2D3-4972-8777-FD91B9F6DEFF", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_c6420:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "027D86DE-076F-4CE9-9DE9-E6976C655E8F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6E643BF-C1E1-4B72-9904-0EDD5AD6FD60", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_fc640:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E9C59D4B-1122-4782-A686-559E7DF8C3C9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8D7ED32-1674-4F10-B1F8-B30FCF5232A8", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_m640:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F8B50A1-577F-451E-8D03-C8A6A78000DC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "296BDDBF-6C54-4D65-8C9D-C4639074A9AD", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_mx740c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "757039D5-60B9-40B0-B719-38E27409BDDE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31A27B9B-3B03-41C5-913F-1119B6E7E238", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_mx840c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E4305D0F-CB59-49D5-8D21-8ECC3342C36C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "630E8769-99DD-4062-8BC4-A793816C5D76", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_c4140:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F9ACC9B8-C046-4304-BA58-7D6D7945BE95"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:dss_8440_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F862C85D-F4DC-4B11-826A-C6AD3AEBB0A8", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:dss_8440:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "239C2103-C4BB-4C6A-8E09-C6F7D52024D3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAF0FAAA-AD3C-476D-AAF5-C566A1B1E865", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_xe2420:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "30D12E41-8F03-435C-B137-CD3465923E5C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43348CD0-0B16-4798-85B3-58017417B7C2", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_xe7420:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DB402EFE-DEFF-40D1-B1C8-8A7D6923669E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "372DC8AD-61A4-4353-B7DE-71DFA5440401", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_xe7440:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EB265071-7294-4317-A854-0D90844CDC17"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_storage_nx3240_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58815A75-5427-48FE-98E5-6FBF5D022E46", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_storage_nx3240:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EFCDCB3C-4995-4211-8592-3D7F94098A26"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_storage_nx3340_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6C5E7C0-E28C-4D45-AC2D-518FC3E72D49", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_storage_nx3340:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66F375D2-85E4-4994-AE90-99D25A50F9AD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_6420_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B14BA9CF-84BE-406F-AE9C-48418E9045B3", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_6420:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A54DBA6D-E506-4557-8659-1707F6C9D02F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xc640_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4884D9D6-3EE9-4041-9D9D-188215F8C73D", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xc640:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8EE5A591-AFD4-43B0-9383-B2F306940679"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D897026E-70E2-40E7-A59C-E6A1F0FDFA02", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AD7E6DE-4B9B-4C23-81A1-D8D52D2E4215"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1D21691-AA78-4603-9E46-12D3B4D64411", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0127228B-FBC4-4C66-AFA1-749C151F79C5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xc940_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "533FF26E-95F7-4CD7-BBCA-9A80831489A9", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xc940:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0A160D84-3C5D-4789-8AF3-B006A5956B3F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xcxr2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "120AA799-23AE-4D51-8EC2-11A59A1E0EAB", "versionEndExcluding": "2.18.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xcxr2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FF8CC72-C32F-476D-86D3-CFF022185D76"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security_alert@emc.com"}