CVE-2023-43088

EUVD-2023-47509
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
PHYSICAL
LOW
HIGH
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
dellCNA
7.2 HIGH
PHYSICAL
LOW
HIGH
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
dellprecision_7865_tower_firmware
𝑥
< 1.5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000218223/dsa-2023-377
https://www.dell.com/support/kbdoc/en-us/000218223/dsa-2023-377