CVE-2023-28064
MEDIUMCVSS 4.6/10EPSS 0.26%
Last modified
CVE-2023-28064 is a medium-severity vulnerability rated 4.6/10 on the CVSS scale. Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. . EPSS estimates a 0.26% chance of exploitation in the next 30 days.
Description
Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | Alienware M15 R6 Firmware | < 1.22.1 |
| Dell | Alienware M15 R7 Firmware | < 1.17.0 |
| Dell | Chengming 3900 Firmware | < 1.13.0 |
| Dell | Chengming 3901 Firmware | < 1.13.0 |
| Dell | G15 5510 Firmware | < 1.19.0 |
| Dell | G15 5511 Firmware | < 1.22.1 |
| Dell | G15 5520 Firmware | < 1.17.0 |
| Dell | Inspiron 14 5418 Firmware | < 2.19.1 |
| Dell | Inspiron 14 5410 Firmware | < 2.19.1 |
| Dell | Inspiron 14 Plus 7420 Firmware | < 1.13.0 |
| Dell | Inspiron 15 3511 Firmware | < 1.22.1 |
| Dell | Inspiron 15 5510 Firmware | < 2.19.1 |
| Dell | Inspiron 15 5518 Firmware | < 2.19.1 |
| Dell | Inspiron 16 7620 2-In-1 Firmware | < 1.12.1 |
| Dell | Inspiron 16 Plus 7620 Firmware | < 1.13.0 |
| Dell | Inspiron 3511 Firmware | < 1.22.1 |
| Dell | Inspiron 3520 Firmware | < 1.15.0 |
| Dell | Inspiron 3891 Firmware | < 1.18.1 |
| Dell | Inspiron 3910 Firmware | < 1.13.0 |
| Dell | Inspiron 5310 Firmware | < 2.20.1 |
| Dell | Inspiron 5320 Firmware | < 1.11.1 |
| Dell | Inspiron 5410 Firmware | < 2.19.1 |
| Dell | Inspiron 5420 Firmware | < 1.14.1 |
| Dell | Inspiron 5620 Firmware | < 1.14.1 |
| Dell | Inspiron 7420 Firmware | < 1.12.1 |
| Dell | Inspiron 7510 Firmware | < 1.16.1 |
| Dell | Inspiron 7610 Firmware | < 1.16.1 |
| Dell | Latitude 3120 Firmware | < 1.17.2 |
| Dell | Latitude 3320 Firmware | < 1.22.2 |
| Dell | Latitude 3330 Firmware | < 1.13.0 |
| Dell | Latitude 3420 Firmware | < 1.29.0 |
| Dell | Latitude 3430 Firmware | < 1.10.1 |
| Dell | Latitude 3520 Firmware | < 1.29.0 |
| Dell | Latitude 3530 Firmware | < 1.10.1 |
| Dell | Latitude 5320 Firmware | < 1.28.1 |
| Dell | Latitude 5330 Firmware | < 1.13.1 |
| Dell | Latitude 5520 Firmware | < 1.28.1 |
| Dell | Latitude 5530 Firmware | < 1.13.2 |
| Dell | Latitude 5531 Firmware | < 1.14.1 |
| Dell | Latitude 7330 Firmware | < 1.14.1 |
| Dell | Latitude 7430 Firmware | < 1.14.1 |
| Dell | Latitude 7530 Firmware | < 1.14.1 |
| Dell | Latitude Rugged 5430 Firmware | < 1.18.1 |
| Dell | Latitude Rugged 7330 Firmware | < 1.18.1 |
| Dell | Optiplex 3000 Firmware | < 1.13.1 |
| Dell | Optiplex 5000 Firmware | < 1.13.1 |
| Dell | Optiplex 5400 Firmware | < 1.1.28 |
| Dell | Optiplex 7000 Firmware | < 1.13.1 |
| Dell | Optiplex 7000 Oem Firmware | < 1.13.1 |
| Dell | Optiplex 7400 Firmware | < 1.1.28 |
Showing 50 of 70 affected configurations. See NVD for the full list.
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-28064?
Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
How severe is CVE-2023-28064?
CVE-2023-28064 has a CVSS score of 4.6/10 (MEDIUM severity). The EPSS model estimates a 0.26% probability of exploitation in the next 30 days.
How do I fix CVE-2023-28064?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2023-28064?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST