7.6

CVE-2023-32475

Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.

Data is provided by the National Vulnerability Database (NVD)
DellVostro 5625 Firmware Version < 1.13.0
   DellVostro 5625 Version-
DellVostro 5515 Firmware Version < 1.19.0
   DellVostro 5515 Version-
DellVostro 5415 Firmware Version < 1.19.0
   DellVostro 5415 Version-
DellVostro 3405 Firmware Version < 1.16.0
   DellVostro 3405 Version-
DellVostro 16 5635 Firmware Version < 1.8.0
   DellVostro 16 5635 Version-
DellVostro 15 3535 Firmware Version < 1.12.0
   DellVostro 15 3535 Version-
DellVostro 15 3525 Firmware Version < 1.15.1
   DellVostro 15 3525 Version-
DellVostro 15 3515 Firmware Version < 1.16.0
   DellVostro 15 3515 Version-
DellVostro 14 3435 Firmware Version < 1.12.0
   DellVostro 14 3435 Version-
DellVostro 14 3425 Firmware Version < 1.15.1
   DellVostro 14 3425 Version-
DellInspiron 7415 2-in-1 Firmware Version < 1.19.0
   DellInspiron 7415 2-in-1 Version-
DellInspiron 7405 2-in-1 Firmware Version < 1.15.0
   DellInspiron 7405 2-in-1 Version-
DellInspiron 5515 Firmware Version < 1.19.0
   DellInspiron 5515 Version-
DellInspiron 5505 Firmware Version < 1.14.0
   DellInspiron 5505 Version-
DellInspiron 5415 Firmware Version < 1.19.0
   DellInspiron 5415 Version-
DellInspiron 5405 Firmware Version < 1.14.0
   DellInspiron 5405 Version-
DellInspiron 3505 Firmware Version < 1.16.0
   DellInspiron 3505 Version-
DellInspiron 16 7635 2-in-1 Firmware Version < 1.8.0
   DellInspiron 16 7635 2-in-1 Version-
DellInspiron 16 5635 Firmware Version < 1.8.0
   DellInspiron 16 5635 Version-
DellInspiron 16 5625 Firmware Version < 1.13.0
   DellInspiron 16 5625 Version-
DellInspiron 15 3535 Firmware Version < 1.12.0
   DellInspiron 15 3535 Version-
DellInspiron 15 3525 Firmware Version < 1.15.1
   DellInspiron 15 3525 Version-
DellInspiron 15 3515 Firmware Version < 1.16.0
   DellInspiron 15 3515 Version-
DellInspiron 14 7435 2-in-1 Firmware Version < 1.8.0
   DellInspiron 14 7435 2-in-1 Version-
DellInspiron 14 7425 2-in-1 Firmware Version < 1.13.0
   DellInspiron 14 7425 2-in-1 Version-
DellInspiron 14 5435 Firmware Version < 1.8.0
   DellInspiron 14 5435 Version-
DellInspiron 14 5425 Firmware Version < 1.13.0
   DellInspiron 14 5425 Version-
DellG5 5505 Firmware Version < 1.18.0
   DellG5 5505 Version-
DellG15 5535 Firmware Version < 1.5.0
   DellG15 5535 Version-
DellG15 5525 Firmware Version < 1.15.0
   DellG15 5525 Version-
DellG15 5515 Firmware Version < 1.15.0
   DellG15 5515 Version-
DellAlienware M18 Firmware Version < 1.9.0
   DellAlienware M18 Version-
DellAlienware M17 R5 Amd Firmware Version < 1.15.0
   DellAlienware M17 R5 Amd Version-
DellAlienware M16 R1 Amd Firmware Version < 1.9.0
   DellAlienware M16 R1 Amd Version-
DellAlienware M15 R7 Amd Firmware Version < 1.15.0
   DellAlienware M15 R7 Amd Version-
DellAlienware Aurora R15 Amd Firmware Version < 1.13.0
   DellAlienware Aurora R15 Amd Version-
DellAlienware Aurora R10 Firmware Version < 2.6.0
   DellAlienware Aurora R10 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.01% 0.009
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.6 0.9 6
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
security_alert@emc.com 7.6 0.9 6
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE-353 Missing Support for Integrity Check

The product uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum.