CVE-2023-32480
MEDIUM | CVSS 6.8/10 | EPSS 0.32%
CVE-2023-32480 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution. EPSS estimates a 0.32% chance of exploitation in the next 30 days.
Description
Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | Alienware M15 R7 Firmware | < 1.17.0 |
| Dell | G15 5510 Firmware | < 1.19.0 |
| Dell | G15 5520 Firmware | < 1.17.0 |
| Dell | Inspiron 14 5410 Firmware | < 2.19.1 |
| Dell | Inspiron 14 5418 Firmware | < 2.19.1 |
| Dell | Inspiron 15 5510 Firmware | < 2.19.1 |
| Dell | Inspiron 15 5518 Firmware | < 2.19.1 |
| Dell | Inspiron 16 7620 2-In-1 Firmware | < 1.12.1 |
| Dell | Inspiron 3520 Firmware | < 1.15.0 |
| Dell | Inspiron 5410 Firmware | < 2.19.1 |
| Dell | Inspiron 5420 Firmware | < 1.14.1 |
| Dell | Inspiron 5620 Firmware | < 1.14.1 |
| Dell | Inspiron 7420 Firmware | < 1.12.1 |
| Dell | Inspiron 7510 Firmware | < 1.16.1 |
| Dell | Inspiron 7610 Firmware | < 1.16.1 |
| Dell | Latitude 3320 Firmware | < 1.22.2 |
| Dell | Latitude 3420 Firmware | < 1.29.0 |
| Dell | Latitude 3430 Firmware | < 1.10.1 |
| Dell | Latitude 3520 Firmware | < 1.29.0 |
| Dell | Latitude 3530 Firmware | < 1.10.1 |
| Dell | Precision 5760 Firmware | < 1.20.1 |
| Dell | Precision 5770 Firmware | < 1.17.1 |
| Dell | Vostro 3420 Firmware | < 1.15.0 |
| Dell | Vostro 3520 Firmware | < 1.15.0 |
| Dell | Vostro 5410 Firmware | < 2.19.1 |
| Dell | Vostro 5510 Firmware | < 2.19.1 |
| Dell | Vostro 5620 Firmware | < 1.14.1 |
| Dell | Vostro 7510 Firmware | < 1.16.1 |
| Dell | XPS 13 9315 2-In-1 Firmware | < 1.8.1 |
| Dell | XPS 17 9710 Firmware | < 1.20.1 |
| Dell | XPS 17 9720 Firmware | < 1.17.1 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-32480?
Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.
How severe is CVE-2023-32480?
CVE-2023-32480 has a CVSS score of 6.8/10 (MEDIUM severity). The EPSS model estimates a 0.32% probability of exploitation in the next 30 days.
How do I fix CVE-2023-32480?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Source: NVD / NIST
