CVE-2023-32453
published 2023-08-16CVE-2023-32453: Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in…
low3.9CVSS 3.1
AVPACLPRHUINSUCNIHAN
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.
Affected
112 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | alienware_m15_r7_firmware | < 1.18.0 | 1.18.0 |
| dell | alienware_m16_firmware | < 1.10.1 | 1.10.1 |
| dell | alienware_m18_firmware | < 1.10.1 | 1.10.1 |
| dell | chengming_3900_firmware | < 1.15.0 | 1.15.0 |
| dell | chengming_3901_firmware | < 1.15.0 | 1.15.0 |
| dell | chengming_3910_firmware | < 1.6.0 | 1.6.0 |
| dell | chengming_3911_firmware | < 1.6.0 | 1.6.0 |
| dell | cpg_bios | — | — |
| dell | g15_5520_firmware | < 1.18.0 | 1.18.0 |
| dell | g16_7620_firmware | < 1.18.0 | 1.18.0 |
| dell | g3_3500_firmware | < 1.26.0 | 1.26.0 |
| dell | g5_15_5500_firmware | < 1.26.0 | 1.26.0 |
| dell | g7_15_7500_firmware | < 1.26.0 | 1.26.0 |
| dell | g7_17_7700_firmware | < 1.26.0 | 1.26.0 |
| dell | inspiron_14_5410_firmware | < 2.20.0 | 2.20.0 |
| dell | inspiron_14_5418_firmware | < 2.20.0 | 2.20.0 |
| dell | inspiron_15_3511_firmware | < 1.23.0 | 1.23.0 |
| dell | inspiron_15_5510_firmware | < 2.20.0 | 2.20.0 |
| dell | inspiron_15_5518_firmware | < 2.20.0 | 2.20.0 |
| dell | inspiron_24_5420_all-in-one_firmware | < 1.4.0 | 1.4.0 |
| dell | inspiron_24_5421_all-in-one_firmware | < 1.4.0 | 1.4.0 |
| dell | inspiron_27_7720_all-in-one_firmware | < 1.4.0 | 1.4.0 |
| dell | inspiron_3020_desktop_firmware | < 1.6.0 | 1.6.0 |
| dell | inspiron_3020_small_desktop_firmware | <= 1.6.0 | — |
| dell | inspiron_3493_firmware | < 1.27.0 | 1.27.0 |