6.7
CVE-2023-39251
- EPSS 0.04%
- Veröffentlicht 22.12.2023 18:15:07
- Zuletzt bearbeitet 21.11.2024 08:14:59
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Inspiron 7510 Firmware Version < 1.20.0
Dell ≫ Inspiron 7610 Firmware Version < 1.20.0
Dell ≫ Latitude 5430 Rugged Firmware Version < 1.23.0
Dell ≫ Latitude 5521 Firmware Version < 1.27.0
Dell ≫ Latitude 7330 Rugged Firmware Version < 1.23.0
Dell ≫ Precision 3561 Firmware Version < 1.27.0
Dell ≫ Precision 5560 Firmware Version < 1.25.0
Dell ≫ Precision 5760 Firmware Version < 1.24.0
Dell ≫ Precision 7560 Firmware Version < 1.27.0
Dell ≫ Precision 7760 Firmware Version < 1.27.0
Dell ≫ Vostro 7510 Firmware Version < 1.20.0
Dell ≫ Xps 15 9510 Firmware Version < 1.25.0
Dell ≫ Xps 17 9710 Firmware Version < 1.24.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.087 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| security_alert@emc.com | 6.7 | 1.5 | 4.7 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:L
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.