CVE-2023-48674: Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send…

medium4.9CVSS 3.1

AVNACLPRHUINSUCNINAH

Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function.

Affected

186 ranges· showing 25

Vendor	Product	Version range	Fixed in
dell	cpg_bios	>= N/A < 1.28.0	1.28.0
dell	cpg_bios	>= N/A < 1.27.1	1.27.1
dell	cpg_bios	>= N/A < 1.24.0	1.24.0
dell	cpg_bios	>= N/A < 1.12.0	1.12.0
dell	cpg_bios	>= N/A < 1.32.0	1.32.0
dell	cpg_bios	>= N/A < 1.26.0	1.26.0
dell	cpg_bios	>= N/A < 1.27.0	1.27.0
dell	cpg_bios	>= N/A < 1.11.0	1.11.0
dell	cpg_bios	>= N/A < 1.20.0	1.20.0
dell	cpg_bios	>= N/A < 1.9.0	1.9.0
dell	cpg_bios	>= N/A < 3.20.0	3.20.0
dell	cpg_bios	>= N/A < 1.17.0	1.17.0
dell	latitude_5280_firmware	< 1.34.0	1.34.0
dell	latitude_5288_firmware	< 1.34.0	1.34.0
dell	latitude_5290_2-in-1_firmware	< 1.32.0	1.32.0
dell	latitude_5290_firmware	< 1.33.0	1.33.0
dell	latitude_5300_2-in-1_firmware	< 1.29.0	1.29.0
dell	latitude_5300_firmware	< 1.29.0	1.29.0
dell	latitude_5310_2-in-1_firmware	< 1.22.0	1.22.0
dell	latitude_5310_firmware	< 1.22.0	1.22.0
dell	latitude_5320_firmware	< 1.36.0	1.36.0
dell	latitude_5330_firmware	< 1.19.0	1.19.0
dell	latitude_5340_firmware	< 1.10.1	1.10.1
dell	latitude_5400_firmware	< 1.28.0	1.28.0
dell	latitude_5401_firmware	< 1.29.0	1.29.0