CVE-2023-28063

MEDIUM | CVSS 4.4/10 | EPSS 0.16%

Last modified

CVE-2023-28063 is a medium-severity vulnerability rated 4.4/10 on the CVSS scale. Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. EPSS estimates a 0.16% chance of exploitation in the next 30 days.

Description

Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

Metrics

CVSS 3.1
4.4/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
0.16%

5.4th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

| Vendor | Product | Versions |
| --- | --- | --- |
| Dell | Optiplex 3000 Micro Firmware | All versions |
| Dell | Optiplex 3000 Small Form Factor Firmware | All versions |
| Dell | Optiplex 3000 Tower Firmware | All versions |
| Dell | Optiplex 5000 Micro Firmware | All versions |
| Dell | Optiplex 5000 Small Form Factor Firmware | All versions |
| Dell | Optiplex 5000 Tower Firmware | All versions |
| Dell | Optiplex 7000 Micro Firmware | All versions |
| Dell | Optiplex 7000 Small Form Factor Firmware | All versions |
| Dell | Optiplex 7000 Tower Firmware | All versions |
| Dell | Optiplex 7000 Xe Micro Firmware | All versions |
| Dell | Optiplex 5090 Micro Firmware | All versions |
| Dell | Optiplex 5090 Small Form Factor Firmware | All versions |
| Dell | Optiplex 5090 Tower Firmware | All versions |
| Dell | Optiplex Micro 7010 Firmware | All versions |
| Dell | Optiplex Micro Plus 7010 Firmware | All versions |
| Dell | Optiplex Small Form Factor 7010 Firmware | All versions |
| Dell | Optiplex Small Form Factor Plus 7010 Firmware | All versions |
| Dell | Optiplex Tower 7010 Firmware | All versions |
| Dell | Optiplex Tower Plus 7010 Firmware | All versions |
| Dell | Optiplex Xe4 Firmware | All versions |
| Dell | Optiplex Xe4 Oemready Firmware | All versions |
| Dell | Precision 3260 Xe Compact Firmware | All versions |
| Dell | Precision 3260 Compact Firmware | All versions |
| Dell | Precision 3460 Xe Small Form Factor Firmware | All versions |
| Dell | Precision 3460 Small Form Factor Firmware | All versions |
| Dell | Alienware M15 R6 Firmware | All versions |
| Dell | Alienware M15 R7 Firmware | All versions |
| Dell | Chengming 3901 Firmware | All versions |
| Dell | Chengming 3900 Firmware | All versions |
| Dell | Chengming 3911 Firmware | All versions |
| Dell | Chengming 3910 Firmware | All versions |
| Dell | Chengming 3990 Firmware | All versions |
| Dell | Chengming 3991 Firmware | All versions |
| Dell | G15 5510 Firmware | All versions |
| Dell | G15 5511 Firmware | All versions |
| Dell | G15 5520 Firmware | All versions |
| Dell | G3 3500 Firmware | All versions |
| Dell | G5 15 5590 Firmware | All versions |
| Dell | G5 5000 Firmware | All versions |
| Dell | G7 15 7500 Firmware | All versions |
| Dell | G7 15 7590 Firmware | All versions |
| Dell | G7 17 7700 Firmware | All versions |
| Dell | G7 17 7790 Firmware | All versions |
| Dell | Inspiron 13 5320 Firmware | All versions |
| Dell | Inspiron 14 5418 Firmware | All versions |
| Dell | Inspiron 14 5410 Firmware | All versions |
| Dell | Inspiron 14 5420 Firmware | All versions |
| Dell | Inspiron 14 7420 2-In-1 Firmware | All versions |
| Dell | Inspiron 14 Plus 7420 Firmware | All versions |
| Dell | Inspiron 15 3511 Firmware | All versions |

Showing 50 of 291 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2023-28063?
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.
How severe is CVE-2023-28063?
CVE-2023-28063 has a CVSS score of 4.4/10 (MEDIUM severity). The EPSS model estimates a 0.16% probability of exploitation in the next 30 days.
How do I fix CVE-2023-28063?
Check the vendor references and advisories linked above for patched versions and mitigation guidance.

Source: NVD / NIST