CVE-2023-32461

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.

CVSS v3 5.0 MEDIUM

5.0^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 3.7

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000216543/dsa-2023-292-security-update-for-dell-poweredge-server-bios-vulnerability	Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000216543/dsa-2023-292-security-update-for-dell-poweredge-server-bios-vulnerability	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r660:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r760:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_c6620:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_mx760c:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r860:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r960:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_hs5610:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_hs5620:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r660xs:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r760xs:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r760xd2:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_t560:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r760xa:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_xe9680:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_xr5610:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_xr8620t:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_xr7620:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_xe8640:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r6615:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r7615:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r6625:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r7625:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r650:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r750:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r750xa:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_c6520:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_mx750c:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r550:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r450:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r650xs:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r750xs:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_t550:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_xr11:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_xr12:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_t150:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND

cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_t350:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND

cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r250:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r350:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND

cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_xr4510c:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND

OR	cpe:2.3:o:dell:poweredge_xr4520c_firmware::::::::
	cpe:2.3:o:dell:poweredge_xr4520c_firmware:1.10.4:::::::*

cpe:2.3:h:dell:poweredge_xr4520c:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND

cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r6515:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND

cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r6525:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND

cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r7515:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND

cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_r7525:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND

cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_c6525:-:*:*:*:*:*:*:*

Configuration 46 (hide)

AND

cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:poweredge_xe8545:-:*:*:*:*:*:*:*

Configuration 47 (hide)

AND

cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:emc_xc_core_xc450:-:*:*:*:*:*:*:*

Configuration 48 (hide)

AND

cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:emc_xc_core_xc650:-:*:*:*:*:*:*:*

Configuration 49 (hide)

AND

cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:emc_xc_core_xc750:-:*:*:*:*:*:*:*

Configuration 50 (hide)

AND

cpe:2.3:o:dell:emc_xc_core_xc750xa_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:emc_xc_core_xc750xa:-:*:*:*:*:*:*:*

Configuration 51 (hide)

AND

cpe:2.3:o:dell:emc_xc_core_xc6520_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:emc_xc_core_xc6520:-:*:*:*:*:*:*:*

Configuration 52 (hide)

AND

cpe:2.3:o:dell:emc_xc_core_xc7525_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:emc_xc_core_xc7525:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:03

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-09-15 07:15

Updated : 2024-11-21 08:03

NVD link : CVE-2023-32461

Mitre link : CVE-2023-32461

CVE.ORG link : CVE-2023-32461

JSON object : View

Products Affected

dell

poweredge_xr4510c_firmware
emc_xc_core_xc450_firmware
poweredge_r650xs
poweredge_r760
poweredge_r660xs_firmware
poweredge_mx760c_firmware
poweredge_r750_firmware
poweredge_r7515
poweredge_r760xd2
poweredge_xr7620
poweredge_r750xs_firmware
poweredge_r960_firmware
poweredge_r6525_firmware
poweredge_r7525
poweredge_c6525_firmware
poweredge_hs5610
poweredge_c6620_firmware
poweredge_r660xs
poweredge_r760xs
poweredge_r6615
poweredge_xe8545
poweredge_hs5620
poweredge_xr7620_firmware
poweredge_t150_firmware
emc_xc_core_xc750_firmware
poweredge_r250
poweredge_r750xa
emc_xc_core_xc7525_firmware
poweredge_r660_firmware
poweredge_mx750c_firmware
emc_xc_core_xc450
poweredge_xe9680_firmware
poweredge_r7615_firmware
poweredge_t350_firmware
poweredge_r450
poweredge_xr12_firmware
poweredge_r6515
poweredge_r6625_firmware
poweredge_xe8545_firmware
poweredge_r7625
poweredge_t550_firmware
poweredge_hs5620_firmware
poweredge_r750xs
poweredge_xr8620t_firmware
poweredge_xe8640
emc_xc_core_xc7525
poweredge_xr4520c_firmware
poweredge_r6525
poweredge_t150
poweredge_r860_firmware
poweredge_r650xs_firmware
poweredge_xr12
poweredge_r250_firmware
poweredge_r760xs_firmware
poweredge_hs5610_firmware
poweredge_xr4520c
emc_xc_core_xc6520
poweredge_r6615_firmware
poweredge_r760_firmware
poweredge_r860
poweredge_xe9680
poweredge_c6520
poweredge_r760xa
poweredge_r450_firmware
poweredge_xr5610
poweredge_r750xa_firmware
poweredge_r650
poweredge_r760xd2_firmware
poweredge_r6625
emc_xc_core_xc6520_firmware
poweredge_t550
poweredge_r7515_firmware
poweredge_r660
poweredge_r750
poweredge_r6515_firmware
poweredge_xr5610_firmware
poweredge_t350
poweredge_mx760c
poweredge_r550
poweredge_t560_firmware
poweredge_xe8640_firmware
poweredge_r350
poweredge_xr4510c
poweredge_xr11
poweredge_c6620
poweredge_mx750c
poweredge_c6525
poweredge_r650_firmware
emc_xc_core_xc750
poweredge_t560
poweredge_r960
poweredge_r760xa_firmware
poweredge_r7625_firmware
poweredge_r350_firmware
emc_xc_core_xc750xa_firmware
poweredge_xr11_firmware
poweredge_c6520_firmware
poweredge_r550_firmware
poweredge_xr8620t
emc_xc_core_xc650
emc_xc_core_xc750xa
emc_xc_core_xc650_firmware
poweredge_r7615
poweredge_r7525_firmware

CWE

CWE-122

Heap-based Buffer Overflow

5.0 /10