CVE-2023-28075

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.
TOCTOU
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 MEDIUM
PHYSICAL
HIGH
HIGH
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
dellCNA
6.9 MEDIUM
PHYSICAL
HIGH
HIGH
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
VendorProductVersion
dellalienware_m15_r7_firmware
𝑥
< 1.18.0
dellalienware_m16_firmware
𝑥
< 1.10.1
dellalienware_m18_firmware
𝑥
< 1.10.1
dellchengming_3900_firmware
𝑥
< 1.15.0
dellchengming_3901_firmware
𝑥
< 1.15.0
dellchengming_3910_firmware
𝑥
< 1.6.0
dellchengming_3911_firmware
𝑥
< 1.6.0
dellchengming_3980_firmware
𝑥
< 2.32.0
dellchengming_3990_firmware
𝑥
< 1.21.0
dellchengming_3991_firmware
𝑥
< 1.21.0
dellg15_5520_firmware
𝑥
< 1.18.0
dellg16_7620_firmware
𝑥
< 1.18.0
dellg3_3500_firmware
𝑥
< 1.26.0
dellg5_15_5500_firmware
𝑥
< 1.26.0
dellg5_15_5590_firmware
𝑥
< 1.26.0
dellg7_15_7500_firmware
𝑥
< 1.26.0
dellg7_15_7590_firmware
𝑥
< 1.26.0
dellg7_17_7700_firmware
𝑥
< 1.26.0
dellg7_17_7790_firmware
𝑥
< 1.26.0
dellprecision_5680_firmware
𝑥
< 1.4.1
dellprecision_5820_tower_firmware
𝑥
< 2.31.0
dellprecision_7820_tower_firmware
𝑥
< 2.35.0
dellprecision_7920_tower_firmware
𝑥
< 2.35.0
delledge_gateway_3000_firmware
𝑥
< 1.13.0
delledge_gateway_5000_firmware
𝑥
< 1.23.0
dellembedded_box_pc_3000_firmware
𝑥
< 1.19.0
dellembedded_box_pc_5000_firmware
𝑥
< 1.20.0
dellinspiron_14_5410_firmware
𝑥
< 2.20.0
dellinspiron_14_5418_firmware
𝑥
< 2.20.0
dellinspiron_15_3511_firmware
𝑥
< 1.23.0
dellinspiron_15_5510_firmware
𝑥
< 2.20.0
dellinspiron_15_5518_firmware
𝑥
< 2.20.0
dellinspiron_24_5420_all-in-one_firmware
𝑥
< 1.4.0
dellinspiron_24_5421_all-in-one_firmware
𝑥
< 1.4.0
dellinspiron_27_7720_all-in-one_firmware
𝑥
< 1.4.0
dellinspiron_3020_small_desktop_firmware
𝑥
< 1.6.0
dellinspiron_3020_desktop_firmware
𝑥
< 1.6.0
dellinspiron_3470_firmware
𝑥
< 2.32.0
dellinspiron_3480_firmware
𝑥
< 1.25.0
dellinspiron_3481_firmware
𝑥
< 1.23.0
dellinspiron_3493_firmware
𝑥
< 1.27.0
dellinspiron_3511_firmware
𝑥
< 1.23.0
dellinspiron_3580_firmware
𝑥
< 1.25.0
dellinspiron_3581_firmware
𝑥
< 1.23.0
dellinspiron_3583_firmware
𝑥
< 1.25.0
dellinspiron_3584_firmware
𝑥
< 1.23.0
dellinspiron_3593_firmware
𝑥
< 1.27.0
dellinspiron_3670_firmware
𝑥
< 2.32.0
dellinspiron_3780_firmware
𝑥
< 1.25.0
dellinspiron_3781_firmware
𝑥
< 1.23.0
dellinspiron_3793_firmware
𝑥
< 1.27.0
dellinspiron_3880_firmware
𝑥
< 1.21.0
dellinspiron_3881_firmware
𝑥
< 1.21.0
dellinspiron_3891_firmware
𝑥
< 1.19.0
dellinspiron_3910_firmware
𝑥
< 1.15.0
dellinspiron_5400_firmware
𝑥
< 1.21.0
dellinspiron_5401_aio_firmware
𝑥
< 1.21.0
dellinspiron_5410_firmware
𝑥
< 2.20.0
dellinspiron_5490_aio_firmware
𝑥
< 1.22.0
dellinspiron_5493_firmware
𝑥
< 1.27.0
dellinspiron_5593_firmware
𝑥
< 1.27.0
dellinspiron_7300_2-in-1_firmware
𝑥
< 1.19.0
dellinspiron_7490_firmware
𝑥
< 1.22.0
dellinspiron_7500_firmware
𝑥
< 1.24.0
dellinspiron_7500_2-in-1_black_firmware
𝑥
< 1.19.0
dellinspiron_7501_firmware
𝑥
< 1.24.0
dellinspiron_7510_firmware
𝑥
< 1.17.0
dellinspiron_7590_firmware
𝑥
< 1.21.0
dellinspiron_7591_firmware
𝑥
< 1.21.0
dellinspiron_7610_firmware
𝑥
< 1.17.0
dellinspiron_7700_all-in-one_firmware
𝑥
< 1.21.0
dellinspiron_7790_firmware
𝑥
< 1.22.0
dellinspiron_5491_aio_firmware
𝑥
< 1.22.0
delllatitude_3120_firmware
𝑥
< 1.19.0
delllatitude_3140_firmware
𝑥
< 1.8.0
delllatitude_3180_firmware
𝑥
< 1.23.0
delllatitude_3189_firmware
𝑥
< 1.23.0
delllatitude_3190_firmware
𝑥
< 1.28.0
delllatitude_3190_2-in-1_firmware
𝑥
< 1.28.0
delllatitude_3301_firmware
𝑥
< 1.27.0
delllatitude_3310_firmware
𝑥
< 1.21.0
delllatitude_3310_2-in-1_firmware
𝑥
< 1.20.0
delllatitude_3320_firmware
𝑥
< 1.23.0
delllatitude_3330_firmware
𝑥
< 1.15.0
delllatitude_3340_firmware
𝑥
< 1.6.0
delllatitude_3400_firmware
𝑥
< 1.29.0
delllatitude_3430_firmware
𝑥
< 1.12.0
delllatitude_3440_firmware
𝑥
< 1.6.0
delllatitude_3500_firmware
𝑥
< 1.29.0
delllatitude_3530_firmware
𝑥
< 1.12.0
delllatitude_3540_firmware
𝑥
< 1.6.0
delllatitude_5280_firmware
𝑥
< 1.31.0
delllatitude_5285_2-in-1_firmware
𝑥
< 1.23.0
delllatitude_5288_firmware
𝑥
< 1.31.0
delllatitude_5290_2-in-1_firmware
𝑥
< 1.28.0
delllatitude_5300_firmware
𝑥
< 1.27.0
delllatitude_5300_2-in-1_firmware
𝑥
< 1.27.0
delllatitude_5310_firmware
𝑥
< 1.20.0
delllatitude_5310_2-in-1_firmware
𝑥
< 1.20.0
delllatitude_5400_firmware
𝑥
< 1.25.0
delllatitude_5411_firmware
𝑥
< 1.23.0
delllatitude_5420_firmware
𝑥
< 1.30.0
delllatitude_5420_rugged_firmware
𝑥
< 1.26.1
delllatitude_5424_rugged_firmware
𝑥
< 1.26.1
delllatitude_5430_firmware
𝑥
< 1.15.0
delllatitude_5431_firmware
𝑥
< 1.15.0
delllatitude_5480_firmware
𝑥
< 1.31.0
delllatitude_5488_firmware
𝑥
< 1.31.0
delllatitude_5500_firmware
𝑥
< 1.25.0
delllatitude_5511_firmware
𝑥
< 1.23.0
delllatitude_5580_firmware
𝑥
< 1.31.0
delllatitude_7200_2-in-1_firmware
𝑥
< 1.23.0
delllatitude_7210_2-in-1_firmware
𝑥
< 1.23.0
delllatitude_7230_rugged_extreme_tablet_firmware
𝑥
< 1.8.0
delllatitude_7280_firmware
𝑥
< 1.32.1
delllatitude_7285_2-in-1_firmware
𝑥
< 1.21.0
delllatitude_7290_firmware
𝑥
< 1.33.0
delllatitude_7300_firmware
𝑥
< 1.26.0
delllatitude_7310_firmware
𝑥
< 1.24.0
delllatitude_7320_firmware
𝑥
< 1.28.0
delllatitude_7380_firmware
𝑥
< 1.32.1
delllatitude_7390_firmware
𝑥
< 1.33.0
delllatitude_7390_2-in-1_firmware
𝑥
< 1.31.0
delllatitude_7400_firmware
𝑥
< 1.26.0
delllatitude_7400_2-in-1_firmware
𝑥
< 1.22.0
delllatitude_7410_firmware
𝑥
< 1.24.0
delllatitude_7420_firmware
𝑥
< 1.28.0
delllatitude_7424_rugged_extreme_firmware
𝑥
< 1.26.1
delllatitude_7480_firmware
𝑥
< 1.32.1
delllatitude_7490_firmware
𝑥
< 1.33.0
delllatitude_7520_firmware
𝑥
< 1.28.0
delllatitude_9330_firmware
𝑥
< 1.13.0
delllatitude_9410_firmware
𝑥
< 1.23.0
delllatitude_9510_firmware
𝑥
< 1.21.0
delllatitude_9520_firmware
𝑥
< 1.24.0
delllatitude_rugged_5430_firmware
𝑥
< 1.20.0
delllatitude_rugged_7220_firmware
𝑥
< 1.30.0
delllatitude_rugged_7220ex_firmware
𝑥
< 1.30.0
delllatitude_rugged_7330_firmware
𝑥
< 1.20.0
delloptiplex_3000_firmware
𝑥
< 1.15.0
delloptiplex_3000_thin_client_firmware
𝑥
< 1.11.0
delloptiplex_3050_all-in-one_firmware
𝑥
< 1.27.0
delloptiplex_3090_firmware
𝑥
< 2.14.0
delloptiplex_3280_all-in-one_firmware
𝑥
< 1.23.0
delloptiplex_5000_firmware
𝑥
< 1.15.0
delloptiplex_5090_firmware
𝑥
< 1.19.0
delloptiplex_5250_firmware
𝑥
< 1.27.0
delloptiplex_5260_all-in-one_firmware
𝑥
< 1.28.0
delloptiplex_5270_all-in-one_firmware
𝑥
< 1.24.0
delloptiplex_5400_all-in-one_firmware
𝑥
< 1.1.30
delloptiplex_5480_all-in-one_firmware
𝑥
< 1.24.0
delloptiplex_5490_all-in-one_firmware
𝑥
< 1.23.0
delloptiplex_7000_firmware
𝑥
< 1.15.0
delloptiplex_7060_firmware
𝑥
< 1.26.0
delloptiplex_7070_firmware
𝑥
< 1.22.0
delloptiplex_7070_ultra_firmware
𝑥
< 1.20.0
delloptiplex_7080_firmware
𝑥
< 1.21.0
delloptiplex_7090_firmware
𝑥
< 1.19.0
delloptiplex_7400_all-in-one_firmware
𝑥
< 1.1.30
delloptiplex_7450_firmware
𝑥
< 1.27.0
delloptiplex_7460_all-in-one_firmware
𝑥
< 1.28.0
delloptiplex_7470_all-in-one_firmware
𝑥
< 1.24.0
delloptiplex_7480_all-in-one_firmware
𝑥
< 1.24.0
delloptiplex_7490_all-in-one_firmware
𝑥
< 1.23.0
delloptiplex_7760_all-in-one_firmware
𝑥
< 1.28.0
delloptiplex_7770_all-in-one_firmware
𝑥
< 1.24.0
delloptiplex_7780_all-in-one_firmware
𝑥
< 1.24.0
delloptiplex_7410_all-in-one_firmware
𝑥
< 1.6.0
delloptiplex_micro_plus_7010_firmware
𝑥
< 1.6.0
delloptiplex_small_form_factor_plus_7010_firmware
𝑥
< 1.6.0
delloptiplex_tower_plus_7010_firmware
𝑥
< 1.6.0
delloptiplex_xe4_firmware
𝑥
< 1.15.0
dellprecision_3240_compact_firmware
𝑥
< 1.20.0
dellprecision_3260_xe_compact_firmware
𝑥
< 2.7.0
dellprecision_3260_compact_firmware
𝑥
< 2.7.0
dellprecision_3450_firmware
𝑥
< 1.19.0
dellprecision_3460_xe_small_form_factor_firmware
𝑥
< 2.7.0
dellprecision_3460_small_form_factor_firmware
𝑥
< 2.7.0
dellprecision_3470_firmware
𝑥
< 1.15.0
dellprecision_3520_firmware
𝑥
< 1.31.0
dellprecision_3540_firmware
𝑥
< 1.25.0
dellprecision_3551_firmware
𝑥
< 1.23.0
dellprecision_3630_tower_firmware
𝑥
< 2.23.0
dellprecision_3640_tower_firmware
𝑥
< 1.24.0
dellprecision_3650_tower_firmware
𝑥
< 1.24.0
dellprecision_3660_firmware
𝑥
< 2.7.0
dellprecision_3930_rack_firmware
𝑥
< 2.26.0
dellprecision_5470_firmware
𝑥
< 1.15.0
dellprecision_5520_firmware
𝑥
< 1.33.0
dellprecision_5530_firmware
𝑥
< 1.32.0
dellprecision_5530_2-in-1_firmware
𝑥
< 1.26.8
dellprecision_5540_firmware
𝑥
< 1.23.0
dellprecision_5570_firmware
𝑥
< 1.16.0
dellprecision_5720_aio_firmware
𝑥
< 2.20.0
dellprecision_5820_tower_firmware
𝑥
< 2.31.0
dellprecision_5860_tower_firmware
𝑥
< 1.0.10
dellprecision_7520_firmware
𝑥
< 1.31.0
dellprecision_7540_firmware
𝑥
< 1.27.0
dellprecision_7550_firmware
𝑥
< 1.24.0
dellprecision_7720_firmware
𝑥
< 1.31.0
dellprecision_7740_firmware
𝑥
< 1.27.0
dellprecision_7750_firmware
𝑥
< 1.24.0
dellprecision_7820_tower_firmware
𝑥
< 2.35.0
dellprecision_7920_tower_firmware
𝑥
< 2.35.0
dellprecision_7960_tower_firmware
𝑥
< 1.0.9
dellvostro_3020_sff_firmware
𝑥
< 1.6.0
dellvostro_3020_t_firmware
𝑥
< 1.6.0
dellvostro_3070_firmware
𝑥
< 2.32.0
dellvostro_3470_firmware
𝑥
< 2.32.0
dellvostro_3480_firmware
𝑥
< 1.25.0
dellvostro_3481_firmware
𝑥
< 1.23.0
dellvostro_3510_firmware
𝑥
< 1.23.0
dellvostro_3580_firmware
𝑥
< 1.25.0
dellvostro_3581_firmware
𝑥
< 1.23.0
dellvostro_3583_firmware
𝑥
< 1.25.0
dellvostro_3584_firmware
𝑥
< 1.23.0
dellvostro_3670_firmware
𝑥
< 2.32.0
dellvostro_3681_firmware
𝑥
< 2.21.0
dellvostro_3690_firmware
𝑥
< 1.19.0
dellvostro_3710_firmware
𝑥
< 1.15.0
dellvostro_3881_firmware
𝑥
< 2.21.0
dellvostro_3888_firmware
𝑥
< 2.21.0
dellvostro_3890_firmware
𝑥
< 1.19.0
dellvostro_3910_firmware
𝑥
< 1.15.0
dellvostro_5410_firmware
𝑥
< 2.20.0
dellvostro_5491_firmware
𝑥
< 1.27.0
dellvostro_5510_firmware
𝑥
< 2.20.0
dellvostro_5591_firmware
𝑥
< 1.27.0
dellvostro_5890_firmware
𝑥
< 1.19.0
dellvostro_7500_firmware
𝑥
< 1.24.0
dellvostro_7510_firmware
𝑥
< 1.17.0
dellvostro_7590_firmware
𝑥
< 1.21.0
dellwyse_5470_firmware
𝑥
< 1.20.0
dellwyse_5470_all-in-one_firmware
𝑥
< 1.21.0
dellxps_13_9305_firmware
𝑥
< 1.16.0
dellxps_13_7390_firmware
𝑥
< 1.21.0
dellxps_13_7390_2-in-1_firmware
𝑥
< 1.26.0
dellxps_13_9300_firmware
𝑥
< 1.19.0
dellxps_13_9310_firmware
𝑥
< 3.17.0
dellxps_13_9310_2-in-1_firmware
𝑥
< 2.19.0
dellxps_13_9315_firmware
𝑥
< 1.13.0
dellxps_13_9380_firmware
𝑥
< 1.25.0
dellxps_15_7590_firmware
𝑥
< 1.23.0
dellxps_15_9520_firmware
𝑥
< 1.16.0
dellxps_15_9575_2-in-1_firmware
𝑥
< 1.28.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000212817/dsa-2023-152-security-update-for-a-dell-client-bios-vulnerability
https://www.dell.com/support/kbdoc/en-us/000212817/dsa-2023-152-security-update-for-a-dell-client-bios-vulnerability