Undergoing Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
CVE has been recently published to the CVE List and has been received by the NVD.
Products
Dell Edge Gateway BIOS
- 3200
- 5200
Source
security_alert@emc.com
Tags
CVE-2023-32471 details
Published : July 24, 2024, 8:15 a.m.
Last Modified : July 24, 2024, 12:55 p.m.
Last Modified : July 24, 2024, 12:55 p.m.
Description
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6.0 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-125 | Out-of-bounds Read | The product reads data past the end, or before the beginning, of the intended buffer. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
Base Score
6.0
Exploitability Score
1.5
Impact Score
4.0
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
References
| URL | Source |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200 | security_alert@emc.com |
This website uses the NVD API, but is not approved or certified by it.