CVE-2023-32480 — Improper Input Validation in Dell Alienware M15 R7 Firmware

CWE-20 — Improper Input Validation3 documents3 sources

Severity

6.8MEDIUMNVD

EPSS

0.1%

top 78.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Alienware M15 R7 Firmware Dell G15 5510 Firmware Dell G15 5520 Firmware +29 more

Timeline

PublishedJun 23

Description

Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages32 packages

▶CVEListV5dell/cpg_biosAll Versions

▶NVDdell/g15_5510_firmware< 1.19.0

▶NVDdell/g15_5520_firmware< 1.17.0

▶NVDdell/vostro_3420_firmware< 1.15.0

▶NVDdell/vostro_3520_firmware< 1.15.0

🔴Vulnerability Details

GHSA

GHSA-x39f-m4x2-52g8: Dell BIOS contains an Improper Input Validation vulnerability↗2023-06-23

▶

CVEList

CVE-2023-32480: Dell BIOS contains an Improper Input Validation vulnerability↗2023-06-23

▶