CVE-2023-48674

Name: CVE-2023-48674
Creator: NVD / NIST
Published: 2024-03-01T13:15:07.877+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.9/10EPSS 0.49%

Last modified Jun 17, 2026

CVE-2023-48674 is a medium-severity vulnerability rated 4.9/10 on the CVSS scale. Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function.. EPSS estimates a 0.49% chance of exploitation in the next 30 days.

Description

Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function.

Metrics

CVSS 3.1

4.9/10

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.49%

38.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-170

Affected Software

Vendor	Product	Versions
Dell	Precision 3430 Tower Firmware	< 1.28.0
Dell	Precision 3431 Tower Firmware	< 1.24.0
Dell	Precision 3630 Tower Firmware	< 2.26.0
Dell	Precision 5820 Tower Firmware	< 2.34.0
Dell	Precision 7820 Tower Firmware	< 2.38.0
Dell	Precision 7920 Tower Firmware	< 2.38.0
Dell	Latitude 5280 Firmware	< 1.34.0
Dell	Latitude 5288 Firmware	< 1.34.0
Dell	Latitude 5290 Firmware	< 1.33.0
Dell	Latitude 5290 2-In-1 Firmware	< 1.32.0
Dell	Latitude 5300 Firmware	< 1.29.0
Dell	Latitude 5300 2-In-1 Firmware	< 1.29.0
Dell	Latitude 5310 Firmware	< 1.22.0
Dell	Latitude 5310 2-In-1 Firmware	< 1.22.0
Dell	Latitude 5320 Firmware	< 1.36.0
Dell	Latitude 5330 Firmware	< 1.19.0
Dell	Latitude 5340 Firmware	< 1.10.1
Dell	Latitude 5400 Firmware	< 1.28.0
Dell	Latitude 5401 Firmware	< 1.29.0
Dell	Latitude 5410 Firmware	< 1.25.0
Dell	Latitude 5411 Firmware	< 1.26.0
Dell	Latitude 5420 Firmware	< 1.36.2
Dell	Latitude 5420 Rugged Firmware	< 1.30.0
Dell	Latitude 5421 Firmware	< 1.27.1
Dell	Latitude 5424 Rugged Firmware	< 1.30.0
Dell	Latitude 5430 Firmware	< 1.19.0
Dell	Latitude 5430 Rugged Laptop Firmware	< 1.24.0
Dell	Latitude 5431 Firmware	< 1.19.0
Dell	Latitude 5440 Firmware	< 1.11.0
Dell	Latitude 5480 Firmware	< 1.34.0
Dell	Latitude 5488 Firmware	< 1.34.0
Dell	Latitude 5490 Firmware	< 1.33.0
Dell	Latitude 5491 Firmware	< 1.31.0
Dell	Latitude 5500 Firmware	< 1.28.0
Dell	Latitude 5501 Firmware	< 1.29.0
Dell	Latitude 5510 Firmware	< 1.25.0
Dell	Latitude 5511 Firmware	< 1.26.0
Dell	Latitude 5520 Firmware	< 1.36.0
Dell	Latitude 5521 Firmware	< 1.28.0
Dell	Latitude 5530 Firmware	< 1.21.1
Dell	Latitude 5531 Firmware	< 1.20.0
Dell	Latitude 5540 Firmware	< 1.10.1
Dell	Latitude 5580 Firmware	< 1.34.0
Dell	Latitude 5590 Firmware	< 1.33.0
Dell	Latitude 5591 Firmware	< 1.31.0
Dell	Latitude 7200 2-In-1 Firmware	< 1.27.0
Dell	Latitude 7210 2-In-1 Firmware	< 1.27.0
Dell	Latitude 7212 Rugged Extreme Tablet Firmware	< 1.48.0
Dell	Latitude 7220 Rugged Extreme Firmware	< 1.34.1
Dell	Latitude 7230 Rugged Extreme Firmware	< 1.12.0

Showing 50 of 174 affected configurations. See NVD for the full list.

References

https://www.dell.com/support/kbdoc/en-us/000220410/dsa-2023-467Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000220410/dsa-2023-467Vendor Advisory

Timeline

Published: Mar 1, 2024
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2023-48674?

How severe is CVE-2023-48674?

CVE-2023-48674 has a CVSS score of 4.9/10 (MEDIUM severity). The EPSS model estimates a 0.49% probability of exploitation in the next 30 days.

How do I fix CVE-2023-48674?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-48674?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST