CVE-2023-32471

EUVD-2023-36715
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
delledge_gateway_3200_firmware
-
delledge_gateway_5200_firmware
-
dellprecision_3930_rack_firmware
-
delloptiplex_7080_firmware
-
dellprecision_5520_firmware
-
dellinspiron_7460_firmware
-
dellprecision_5820_tower_firmware
-
dellg5_5587_firmware
-
dellg7_7588_firmware
-
dellvostro_15_7580_firmware
-
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
delldell_edge_gateway_5200
𝑥
< v1.05.10
ADP
delldell_edge_gateway_3200
𝑥
< v1.03.10
ADP
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
https://www.dell.com/support/kbdoc/en-us/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200