CVE-2023-44297
CVE-2023-44297 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain an active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service. EPSS estimates a 0.25% chance of exploitation in the next 30 days.
Description
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain an active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | PowerEdge R660 Firmware | 1.4.4 |
| Dell | PowerEdge R760 Firmware | 1.4.4 |
| Dell | PowerEdge C6620 Firmware | 1.4.4 |
| Dell | PowerEdge MX760c Firmware | 1.4.4 |
| Dell | PowerEdge R860 Firmware | 1.4.4 |
| Dell | PowerEdge R960 Firmware | 1.4.4 |
| Dell | PowerEdge HS5610 Firmware | 1.4.4 |
| Dell | PowerEdge HS5620 Firmware | 1.4.4 |
| Dell | PowerEdge R660xs Firmware | 1.4.4 |
| Dell | PowerEdge R760xs Firmware | 1.4.4 |
| Dell | PowerEdge R760xd2 Firmware | 1.4.4 |
| Dell | PowerEdge T560 Firmware | 1.4.4 |
| Dell | PowerEdge R760xa Firmware | 1.4.4 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
