Products
Dell Edge Gateway BIOS
- 3200
- 5200
Source
security_alert@emc.com
Tags
CVE-2023-32472 details
Published : July 10, 2024, 3:15 a.m.
Last Modified : July 10, 2024, 3:15 a.m.
Last Modified : July 10, 2024, 3:15 a.m.
Description
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.
CVSS Score
1 | 2 | 3 | 4 | 5.7 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-125 | Out-of-bounds Read | The product reads data past the end, or before the beginning, of the intended buffer. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
Base Score
5.7
Exploitability Score
1.5
Impact Score
3.7
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
References
URL | Source |
---|---|
https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200 | security_alert@emc.com |
This website uses the NVD API, but is not approved or certified by it.