CVE-2023-32467

MEDIUM

Dell Edge Gateway 5000 Firmware < 1.05.10 - Out-of-Bounds Access

Title source: rule

Description

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege.

References (1)

[Vendor Advisory] https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200

Scores

CVSS v3 5.7

EPSS 0.0008

EPSS Percentile 22.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-665

Status published

Products (6)

dell/chengming_3977_firmware 0.1.13.0

dell/edge_gateway_3200_firmware

dell/edge_gateway_5000_firmware 0.1.19.0

dell/edge_gateway_5100_firmware 0.1.19.0

dell/edge_gateway_5200_firmware < 1.05.10

dell/xps_13_9350_firmware 0.1.13.0

Published Jul 10, 2024

Tracked Since Feb 18, 2026