CVE-2023-32460

Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
dellCNA
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
VendorProductVersion
dellpoweredge_r660_firmware
𝑥
< 1.6.6
dellpoweredge_r760_firmware
𝑥
< 1.6.6
dellpoweredge_c6620_firmware
𝑥
< 1.6.6
dellpoweredge_mx760c_firmware
𝑥
< 1.6.6
dellpoweredge_r860_firmware
𝑥
< 1.6.6
dellpoweredge_r960_firmware
𝑥
< 1.6.6
dellpoweredge_hs5610_firmware
𝑥
< 1.6.6
dellpoweredge_hs5620_firmware
𝑥
< 1.6.6
dellpoweredge_r660xs_firmware
𝑥
< 1.6.6
dellpoweredge_r760xs_firmware
𝑥
< 1.6.6
dellpoweredge_r760xd2_firmware
𝑥
< 1.6.6
dellpoweredge_t560_firmware
𝑥
< 1.6.6
dellpoweredge_r760xa_firmware
𝑥
< 1.6.6
dellpoweredge_xr5610_firmware
𝑥
< 1.6.6
dellpoweredge_xr8610t_firmware
𝑥
< 1.6.6
dellpoweredge_xr8620t_firmware
𝑥
< 1.6.6
dellpoweredge_r6615_firmware
𝑥
< 1.6.6
dellpoweredge_r7615_firmware
𝑥
< 1.6.6
dellpoweredge_xr7620_firmware
𝑥
< 1.6.6
dellpoweredge_xe8640_firmware
𝑥
< 1.3.6
dellpoweredge_xe9640_firmware
𝑥
< 1.3.6
dellpoweredge_xe9680_firmware
𝑥
< 1.3.6
dellpoweredge_r6625_firmware
𝑥
< 1.6.8
dellpoweredge_r7625_firmware
𝑥
< 1.6.8
dellpoweredge_c6615_firmware
𝑥
< 1.1.2
dellpoweredge_r650_firmware
𝑥
< 1.12.1
dellpoweredge_r750_firmware
𝑥
< 1.12.1
dellpoweredge_r750xa_firmware
𝑥
< 1.12.1
dellpoweredge_c6520_firmware
𝑥
< 1.12.1
dellpoweredge_mx750c_firmware
𝑥
< 1.12.1
dellpoweredge_r550_firmware
𝑥
< 1.12.1
dellpoweredge_r450_firmware
𝑥
< 1.12.1
dellpoweredge_r650xs_firmware
𝑥
< 1.12.1
dellpoweredge_r750xs_firmware
𝑥
< 1.12.1
dellpoweredge_t550_firmware
𝑥
< 1.12.1
dellpoweredge_xr11_firmware
𝑥
< 1.12.1
dellpoweredge_xr12_firmware
𝑥
< 1.12.1
dellpoweredge_t150_firmware
𝑥
< 1.8.1
dellpoweredge_t350_firmware
𝑥
< 1.8.1
dellpoweredge_r250_firmware
𝑥
< 1.8.1
dellpoweredge_r350_firmware
𝑥
< 1.8.1
dellpoweredge_xr4510c_firmware
𝑥
< 1.13.3
dellpoweredge_xr4520c_firmware
𝑥
< 1.13.3
dellpoweredge_r6515_firmware
𝑥
< 2.13.3
dellpoweredge_r6525_firmware
𝑥
< 2.13.3
dellpoweredge_r7515_firmware
𝑥
< 2.13.3
dellpoweredge_r7525_firmware
𝑥
< 2.13.3
dellpoweredge_c6525_firmware
𝑥
< 2.13.3
dellpoweredge_xe8545_firmware
𝑥
< 2.13.3
dellpoweredge_r740_firmware
𝑥
< 2.20.1
dellpoweredge_r640_firmware
𝑥
< 2.20.1
dellpoweredge_r940_firmware
𝑥
< 2.20.1
dellpoweredge_r540_firmware
𝑥
< 2.20.1
dellpoweredge_r440_firmware
𝑥
< 2.20.1
dellpoweredge_t440_firmware
𝑥
< 2.20.1
dellpoweredge_xr2_firmware
𝑥
< 2.20.1
dellpoweredge_r840_firmware
𝑥
< 2.20.1
dellpoweredge_t640_firmware
𝑥
< 2.20.1
dellpoweredge_c6420_firmware
𝑥
< 2.20.1
dellpoweredge_fc640_firmware
𝑥
< 2.20.1
dellpoweredge_m640_firmware
𝑥
< 2.20.1
dellpoweredge_c4140_firmware
𝑥
< 2.20.1
dellpoweredge_mx740c_firmware
𝑥
< 2.20.1
dellpoweredge_mx840c_firmware
𝑥
< 2.20.1
dellpoweredge_r740xd_firmware
𝑥
< 2.20.1
dellpoweredge_r740xd2_firmware
𝑥
< 2.20.1
dellpoweredge_r940xa_firmware
𝑥
< 2.20.1
dellpoweredge_xe2420_firmware
𝑥
< 2.20.0
dellpoweredge_xe7420_firmware
𝑥
< 2.20.0
dellpoweredge_xe7440_firmware
𝑥
< 2.20.0
dellpoweredge_t140_firmware
𝑥
< 2.15.1
dellpoweredge_t340_firmware
𝑥
< 2.15.1
dellpoweredge_r240_firmware
𝑥
< 2.15.1
dellpoweredge_r340_firmware
𝑥
< 2.15.1
dellpoweredge_r6415_firmware
𝑥
< 1.21.0
dellpoweredge_r7415_firmware
𝑥
< 1.21.0
dellpoweredge_r7425_firmware
𝑥
< 1.21.0
dellpoweredge_r930_firmware
𝑥
< 2.13.0
dellpoweredge_r730_firmware
𝑥
< 2.18.1
dellpoweredge_r730xd_firmware
𝑥
< 2.18.1
dellpoweredge_r630_firmware
𝑥
< 2.18.1
dellpoweredge_c4130_firmware
𝑥
< 2.18.1
dellpoweredge_m630_firmware
𝑥
< 2.18.1
dellpoweredge_fc630_firmware
𝑥
< 2.18.1
dellpoweredge_fc430_firmware
𝑥
< 2.18.1
dellpoweredge_m830_firmware
𝑥
< 2.18.1
dellpoweredge_fc830_firmware
𝑥
< 2.18.1
dellpoweredge_t630_firmware
𝑥
< 2.18.2
dellpoweredge_r530_firmware
𝑥
< 2.18.2
dellpoweredge_r430_firmware
𝑥
< 2.18.2
dellpoweredge_t430_firmware
𝑥
< 2.18.2
dellpoweredge_c6320_firmware
𝑥
< 2.18.2
dellpoweredge_t130_firmware
𝑥
< 2.19.1
dellpoweredge_r230_firmware
𝑥
< 2.19.1
dellpoweredge_t330_firmware
𝑥
< 2.19.1
dellpoweredge_r330_firmware
𝑥
< 2.19.1
dellpoweredge_r830_firmware
𝑥
< 1.18.1
dellpoweredge_m640_\(pe_vrtx\)_firmware
𝑥
< 2.20.1
dellpoweredge_m630_\(pe_vrtx\)_firmware
𝑥
< 2.18.1
dellpoweredge_m830_\(pe_vrtx\)_firmware
𝑥
< 2.18.1
delldss_8440_firmware
𝑥
< 2.20.0
dellnx3230_firmware
𝑥
< 2.18.1
dellnx3330_firmware
𝑥
< 2.18.1
dellnx430_firmware
𝑥
< 2.19.1
dellemc_storage_nx3240_firmware
𝑥
< 2.20.1
dellemc_storage_nx3340_firmware
𝑥
< 2.20.1
dellemc_nx440_firmware
𝑥
< 2.15.1
dellemc_xc_core_xc450_firmware
𝑥
< 1.12.1
dellemc_xc_core_xc650_firmware
𝑥
< 1.12.1
dellemc_xc_core_xc750_firmware
𝑥
< 1.12.1
dellemc_xc_core_xc750xa_firmware
𝑥
< 1.12.1
dellemc_xc_core_xc6520_firmware
𝑥
< 1.12.1
dellemc_xc_core_xcxr2_firmware
𝑥
< 2.20.1
dellemc_xc_core_xc740xd2_firmware
𝑥
< 2.20.1
dellemc_xc_core_xc7525_firmware
𝑥
< 2.13.3
dellemc_xc_core_6420_firmware
𝑥
< 2.20.1
dellemc_xc_core_xc640_firmware
𝑥
< 2.20.1
dellemc_xc_core_xc740xd_firmware
𝑥
< 2.20.1
dellemc_xc_core_xc940_firmware
𝑥
< 2.20.1
dellxc_core_xc660_firmware
𝑥
< 1.6.6
dellxc_core_xc760_firmware
𝑥
< 1.6.6
dellxc6320_hyperconverged_appliance_firmware
𝑥
< 2.18.2
dellxc430_hyperconverged_appliance_firmware
𝑥
< 2.18.2
dellxc630_hyperconverged_appliance_firmware
𝑥
< 2.18.1
dellxc730_hyperconverged_appliance_firmware
𝑥
< 2.18.1
dellxc730xd_hyperconverged_appliance_firmware
𝑥
< 2.18.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability
https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability