CVE-2023-32461

MEDIUM

Dell Poweredge R660 Firmware < 1.5.6 - Heap Buffer Overflow

Title source: rule

Description

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory

https://www.dell.com/support/kbdoc/en-us/000216543/dsa-2023-292-security-update-for-dell-poweredge-server-bios-vulnerability

Scores

CVSS v3 5.0

EPSS 0.0006

EPSS Percentile 20.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-122

Status published

Products (50)

dell/emc_xc_core_xc450_firmware < 1.11.2

dell/emc_xc_core_xc650_firmware < 1.11.2

dell/emc_xc_core_xc6520_firmware < 1.11.2

dell/emc_xc_core_xc750_firmware < 1.11.2

dell/emc_xc_core_xc750xa_firmware < 1.11.2

dell/emc_xc_core_xc7525_firmware < 2.11.3

dell/poweredge_c6520_firmware < 1.10.2

dell/poweredge_c6525_firmware < 2.11.3

dell/poweredge_c6620_firmware < 1.5.6

dell/poweredge_hs5610_firmware < 1.5.6

... and 40 more

Published Sep 15, 2023

Tracked Since Feb 18, 2026