CVE-2023-28064

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.1%

top 72.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Alienware M15 R6 Firmware Dell Alienware M15 R7 Firmware Dell Chengming 3900 Firmware +68 more

Timeline

PublishedJun 23

Description

Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 0.9 | Impact: 2.5

Affected Packages71 packages

▶CVEListV5dell/cpg_biosAll Versions

▶NVDdell/g15_5510_firmware< 1.19.0

▶NVDdell/g15_5511_firmware< 1.22.1

▶NVDdell/g15_5520_firmware< 1.17.0

▶NVDdell/vostro_3420_firmware< 1.15.0

🔴Vulnerability Details

GHSA

GHSA-4mqc-3x4w-w79p: Dell BIOS contains an Out-of-bounds Write vulnerability↗2023-06-23

▶

CVEList

CVE-2023-28064: Dell BIOS contains an Out-of-bounds Write vulnerability↗2023-06-23

▶