CVE-2023-32471

MEDIUM EPSS 6.3%
Published Jul 24, 20241y ago · Modified Jun 17, 20262w ago
6.0 CVSS 3.1
Medium
Find Similar
Published Jul 24, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits.

CVSS Details

Base Score
6.0
Exploitability
1.5
Impact
4.0
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Changed
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
6.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

Affected Products 20

VendorProductVersionRange
delledge_gateway_3200_firmware*any
delledge_gateway_3200*any
delledge_gateway_5200_firmware*any
delledge_gateway_5200*any
dellprecision_3930_rack_firmware*any
dellprecision_3930_rack*any
delloptiplex_7080_firmware*any
delloptiplex_7080*any
dellprecision_5520_firmware*any
dellprecision_5520*any
dellinspiron_7460_firmware*any
dellinspiron_7460*any
dellprecision_5820_tower_firmware*any
dellprecision_5820_tower*any
dellg5_5587_firmware*any
dellg5_5587*any
dellg7_7588_firmware*any
dellg7_7588*any
dellvostro_15_7580_firmware*any
dellvostro_15_7580*any

References 1

  • dell.com https://www.dell.com/support/kbdoc/en-us/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.