CVE-2023-28075
published 2023-08-16CVE-2023-28075: Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially…
medium6.3CVSS 3.1
AVPACHPRLUINSUCHIHAH
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.
Affected
243 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | alienware_m15_r7_firmware | < 1.18.0 | 1.18.0 |
| dell | alienware_m16_firmware | < 1.10.1 | 1.10.1 |
| dell | alienware_m18_firmware | < 1.10.1 | 1.10.1 |
| dell | chengming_3900_firmware | < 1.15.0 | 1.15.0 |
| dell | chengming_3901_firmware | < 1.15.0 | 1.15.0 |
| dell | chengming_3910_firmware | < 1.6.0 | 1.6.0 |
| dell | chengming_3911_firmware | < 1.6.0 | 1.6.0 |
| dell | chengming_3980_firmware | < 2.32.0 | 2.32.0 |
| dell | chengming_3990_firmware | < 1.21.0 | 1.21.0 |
| dell | chengming_3991_firmware | < 1.21.0 | 1.21.0 |
| dell | cpg_bios | — | — |
| dell | edge_gateway_3000_firmware | < 1.13.0 | 1.13.0 |
| dell | edge_gateway_5000_firmware | < 1.23.0 | 1.23.0 |
| dell | embedded_box_pc_3000_firmware | < 1.19.0 | 1.19.0 |
| dell | embedded_box_pc_5000_firmware | < 1.20.0 | 1.20.0 |
| dell | g15_5520_firmware | < 1.18.0 | 1.18.0 |
| dell | g16_7620_firmware | < 1.18.0 | 1.18.0 |
| dell | g3_3500_firmware | < 1.26.0 | 1.26.0 |
| dell | g5_15_5500_firmware | < 1.26.0 | 1.26.0 |
| dell | g5_15_5590_firmware | < 1.26.0 | 1.26.0 |
| dell | g7_15_7500_firmware | < 1.26.0 | 1.26.0 |
| dell | g7_15_7590_firmware | < 1.26.0 | 1.26.0 |
| dell | g7_17_7700_firmware | < 1.26.0 | 1.26.0 |
| dell | g7_17_7790_firmware | < 1.26.0 | 1.26.0 |
| dell | inspiron_14_5410_firmware | < 2.20.0 | 2.20.0 |