CVE-2023-43088

CWE-163 documents3 sources

Severity

6.8MEDIUM

EPSS

0.1%

top 84.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Precision 7865 Tower Firmware Dell CPG Bios

Timeline

PublishedDec 22

Description

Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 0.5 | Impact: 6.0

Affected Packages2 packages

▶CVEListV5dell/cpg_biosVersions prior to 1.5.0

▶NVDdell/precision_7865_tower_firmware< 1.5.0

🔴Vulnerability Details

CVEList

CVE-2023-43088: Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability↗2023-12-22

▶

GHSA

GHSA-93jj-38rx-ghf8: Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability↗2023-12-22

▶