CVE-2023-32480 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.8 MEDIUM	PHYSICAL	LOW	NONE	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
dell	CNA	6.8 MEDIUM	PHYSICAL	LOW	NONE	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 18%

Vendor	Product	Version
dell	alienware_m15_r7_firmware	𝑥 < 1.17.0
dell	g15_5510_firmware	𝑥 < 1.19.0
dell	g15_5520_firmware	𝑥 < 1.17.0
dell	inspiron_14_5410_firmware	𝑥 < 2.19.1
dell	inspiron_14_5418_firmware	𝑥 < 2.19.1
dell	inspiron_15_5510_firmware	𝑥 < 2.19.1
dell	inspiron_15_5518_firmware	𝑥 < 2.19.1
dell	inspiron_16_7620_2-in-1_firmware	𝑥 < 1.12.1
dell	inspiron_3520_firmware	𝑥 < 1.15.0
dell	inspiron_5410_firmware	𝑥 < 2.19.1
dell	inspiron_5420_firmware	𝑥 < 1.14.1
dell	inspiron_5620_firmware	𝑥 < 1.14.1
dell	inspiron_7420_firmware	𝑥 < 1.12.1
dell	inspiron_7510_firmware	𝑥 < 1.16.1
dell	inspiron_7610_firmware	𝑥 < 1.16.1
dell	latitude_3320_firmware	𝑥 < 1.22.2
dell	latitude_3420_firmware	𝑥 < 1.29.0
dell	latitude_3430_firmware	𝑥 < 1.10.1
dell	latitude_3520_firmware	𝑥 < 1.29.0
dell	latitude_3530_firmware	𝑥 < 1.10.1
dell	precision_5760_firmware	𝑥 < 1.20.1
dell	precision_5770_firmware	𝑥 < 1.17.1
dell	vostro_3420_firmware	𝑥 < 1.15.0
dell	vostro_3520_firmware	𝑥 < 1.15.0
dell	vostro_5410_firmware	𝑥 < 2.19.1
dell	vostro_5510_firmware	𝑥 < 2.19.1
dell	vostro_5620_firmware	𝑥 < 1.14.1
dell	vostro_7510_firmware	𝑥 < 1.16.1
dell	xps_13_9315_2-in-1_firmware	𝑥 < 1.8.1
dell	xps_17_9710_firmware	𝑥 < 1.20.1
dell	xps_17_9720_firmware	𝑥 < 1.17.1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://www.dell.com/support/kbdoc/en-us/000214779/dsa-2023-175-dell-client-bios-security-update-for-an-improper-input-validation-vulnerability

https://www.dell.com/support/kbdoc/en-us/000214779/dsa-2023-175-dell-client-bios-security-update-for-an-improper-input-validation-vulnerability