CVE-2023-28064

Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 LOW
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
dellCNA
3.5 LOW
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
dellalienware_m15_r6_firmware
𝑥
< 1.22.1
dellalienware_m15_r7_firmware
𝑥
< 1.17.0
dellchengming_3900_firmware
𝑥
< 1.13.0
dellchengming_3901_firmware
𝑥
< 1.13.0
dellg15_5510_firmware
𝑥
< 1.19.0
dellg15_5511_firmware
𝑥
< 1.22.1
dellg15_5520_firmware
𝑥
< 1.17.0
dellinspiron_14_5418_firmware
𝑥
< 2.19.1
dellinspiron_14_5410_firmware
𝑥
< 2.19.1
dellinspiron_14_plus_7420_firmware
𝑥
< 1.13.0
dellinspiron_15_3511_firmware
𝑥
< 1.22.1
dellinspiron_15_5510_firmware
𝑥
< 2.19.1
dellinspiron_15_5518_firmware
𝑥
< 2.19.1
dellinspiron_16_7620_2-in-1_firmware
𝑥
< 1.12.1
dellinspiron_16_plus_7620_firmware
𝑥
< 1.13.0
dellinspiron_3511_firmware
𝑥
< 1.22.1
dellinspiron_3520_firmware
𝑥
< 1.15.0
dellinspiron_3891_firmware
𝑥
< 1.18.1
dellinspiron_3910_firmware
𝑥
< 1.13.0
dellinspiron_5310_firmware
𝑥
< 2.20.1
dellinspiron_5320_firmware
𝑥
< 1.11.1
dellinspiron_5410_firmware
𝑥
< 2.19.1
dellinspiron_5420_firmware
𝑥
< 1.14.1
dellinspiron_5620_firmware
𝑥
< 1.14.1
dellinspiron_7420_firmware
𝑥
< 1.12.1
dellinspiron_7510_firmware
𝑥
< 1.16.1
dellinspiron_7610_firmware
𝑥
< 1.16.1
delllatitude_3120_firmware
𝑥
< 1.17.2
delllatitude_3320_firmware
𝑥
< 1.22.2
delllatitude_3330_firmware
𝑥
< 1.13.0
delllatitude_3420_firmware
𝑥
< 1.29.0
delllatitude_3430_firmware
𝑥
< 1.10.1
delllatitude_3520_firmware
𝑥
< 1.29.0
delllatitude_3530_firmware
𝑥
< 1.10.1
delllatitude_5320_firmware
𝑥
< 1.28.1
delllatitude_5330_firmware
𝑥
< 1.13.1
delllatitude_5520_firmware
𝑥
< 1.28.1
delllatitude_5530_firmware
𝑥
< 1.13.2
delllatitude_5531_firmware
𝑥
< 1.14.1
delllatitude_7330_firmware
𝑥
< 1.14.1
delllatitude_7430_firmware
𝑥
< 1.14.1
delllatitude_7530_firmware
𝑥
< 1.14.1
delllatitude_rugged_5430_firmware
𝑥
< 1.18.1
delllatitude_rugged_7330_firmware
𝑥
< 1.18.1
delloptiplex_3000_firmware
𝑥
< 1.13.1
delloptiplex_5000_firmware
𝑥
< 1.13.1
delloptiplex_5400_firmware
𝑥
< 1.1.28
delloptiplex_7000_firmware
𝑥
< 1.13.1
delloptiplex_7000_oem_firmware
𝑥
< 1.13.1
delloptiplex_7400_firmware
𝑥
< 1.1.28
delloptiplex_7410_all-in-one_firmware
𝑥
< 1.4.1
dellprecision_3560_firmware
𝑥
< 1.28.1
dellprecision_3570_firmware
𝑥
< 1.13.2
dellprecision_3571_firmware
𝑥
< 1.14.1
dellprecision_5760_firmware
𝑥
< 1.20.1
dellprecision_5770_firmware
𝑥
< 1.17.1
dellvostro_3420_firmware
𝑥
< 1.15.0
dellvostro_3510_firmware
𝑥
< 1.22.1
dellvostro_3520_firmware
𝑥
< 1.15.0
dellvostro_3910_firmware
𝑥
< 1.13.0
dellvostro_5310_firmware
𝑥
< 2.20.1
dellvostro_5320_firmware
𝑥
< 1.11.1
dellvostro_5410_firmware
𝑥
< 2.19.1
dellvostro_5510_firmware
𝑥
< 2.19.1
dellvostro_5620_firmware
𝑥
< 1.14.1
dellvostro_7510_firmware
𝑥
< 1.16.1
dellvostro_7620_firmware
𝑥
< 1.13.0
dellxps_13_9315_2-in-1_firmware
𝑥
< 1.8.1
dellxps_17_9710_firmware
𝑥
< 1.20.1
dellxps_17_9720_firmware
𝑥
< 1.17.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability
https://www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability