CVE-2023-32466 — Out-of-bounds Write in Dell Edge Gateway 3200

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

5.7MEDIUMNVD

EPSS

0.1%

top 73.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Edge Gateway 3200 Dell Edge Gateway 3200 Firmware

Timeline

PublishedJul 24

Description

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:LExploitability: 1.5 | Impact: 3.7

Affected Packages2 packages

▶CVEListV5dell/dell_edge_gateway_3200N/A — v1.03.10

▶NVDdell/edge_gateway_3200_firmware< 1.03.10

🔴Vulnerability Details

CVEList

CVE-2023-32466: Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability↗2024-07-24

▶

GHSA

GHSA-2mjr-rmpq-436h: Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability↗2024-07-24

▶