{ "id": "CVE-2023-39251", "sourceIdentifier": "security_alert@emc.com", "published": "2023-12-22T18:15:07.317", "lastModified": "2024-01-04T14:53:31.367", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nDell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.\n\n" }, { "lang": "es", "value": "Dell BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta. Un usuario malicioso local con altos privilegios podr\u00eda explotar esta vulnerabilidad para da\u00f1ar la memoria del sistema." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 0.8, "impactScore": 5.9 }, { "source": "security_alert@emc.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "LOW", "baseScore": 6.7, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.5, "impactScore": 4.7 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] }, { "source": "security_alert@emc.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-20" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:inspiron_7510_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.20.0", "matchCriteriaId": "7CCD50FE-E4F3-48E3-A0D1-B9347E7414B5" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:inspiron_7510:-:*:*:*:*:*:*:*", "matchCriteriaId": "2793ECA0-0C7B-41A1-BC9B-F388D6E6B8B9" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:inspiron_7610_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.20.0", "matchCriteriaId": "D1AC697E-9535-42E1-AAF7-6A59A270B38B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:inspiron_7610:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD64EB37-6B29-432A-A698-302F7CEE6E39" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:latitude_5430_rugged_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.23.0", "matchCriteriaId": "9A289588-85FE-419E-BB73-D92A7214E825" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:latitude_5430_rugged:-:*:*:*:*:*:*:*", "matchCriteriaId": "706F3E4E-57D8-4F01-AE71-C71B19D42FAE" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:latitude_5521_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.27.0", "matchCriteriaId": "6E48645B-5253-4617-811A-70FD13BC34E9" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:latitude_5521:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BA0B010-1BD4-4D73-A67A-F89694606BAB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:latitude_7330_rugged_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.23.0", "matchCriteriaId": "EA3DD9BB-F853-456E-B1A2-BEB1815B1999" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:latitude_7330_rugged:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E66577E-7CA6-4D09-81C2-55CD31C228E2" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:precision_3561_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.27.0", "matchCriteriaId": "348FF513-FBFC-4D76-A2C9-91E7799AC13F" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:precision_3561:-:*:*:*:*:*:*:*", "matchCriteriaId": "464062AC-12E9-4EF6-A20B-71DF0DA4AC60" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:precision_5560_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.25.0", "matchCriteriaId": "00E7FB25-485A-497F-AE83-0F51CD629BD0" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:precision_5560:-:*:*:*:*:*:*:*", "matchCriteriaId": "5574BCEC-24B9-4C6C-8918-968972E39513" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:precision_5760_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.24.0", "matchCriteriaId": "3743575A-B225-46D5-912C-27880F5E7787" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:precision_5760:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDFA9122-5B13-4653-AF92-751EB72F40F6" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:precision_7560_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.27.0", "matchCriteriaId": "682A12DB-0554-47AF-AFA6-41A29374BFC5" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:precision_7560:-:*:*:*:*:*:*:*", "matchCriteriaId": "23528F3E-4F26-4C23-BA0B-629597AD1991" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:precision_7760_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.27.0", "matchCriteriaId": "C7E722FD-30B9-4028-9528-CDB5B8C91667" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:precision_7760:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9DBAAF4-D6A8-4447-B592-DC27609B373F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:vostro_7510_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.20.0", "matchCriteriaId": "5F08CB51-37EE-4C85-B27A-6077E4B99F74" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:vostro_7510:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA54293A-A09E-4089-B86B-B49616F01AF2" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:xps_15_9510_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.25.0", "matchCriteriaId": "69263598-26EC-4484-864A-72BD4504779C" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:xps_15_9510:-:*:*:*:*:*:*:*", "matchCriteriaId": "C80D4578-6ABA-4E78-B8CB-385968AD2D75" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:dell:xps_17_9710_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.24.0", "matchCriteriaId": "4F6D8A92-39F3-4A02-8D07-CF271F3DA054" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:dell:xps_17_9710:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF4DACC8-3DBD-442D-807D-6A5AFDF00B56" } ] } ] } ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342", "source": "security_alert@emc.com", "tags": [ "Vendor Advisory" ] } ] }