CVE-2023-28064

LOW

Dell Client BIOS - Unauthenticated Denial of Service via Out-of-bounds Write

Title source: llm

Description

Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory

https://www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability

Scores

CVSS v3 3.5

EPSS 0.0012

EPSS Percentile 30.3%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (50)

dell/alienware_m15_r6_firmware < 1.22.1

dell/alienware_m15_r7_firmware < 1.17.0

dell/chengming_3900_firmware < 1.13.0

dell/chengming_3901_firmware < 1.13.0

dell/g15_5510_firmware < 1.19.0

dell/g15_5511_firmware < 1.22.1

dell/g15_5520_firmware < 1.17.0

dell/inspiron_14_5410_firmware < 2.19.1

dell/inspiron_14_5418_firmware < 2.19.1

dell/inspiron_14_plus_7420_firmware < 1.13.0

... and 40 more

Published Jun 23, 2023

Tracked Since Feb 18, 2026