CVE-2023-32475
HIGHDell Vostro and Inspiron Firmware - Missing Support for Integrity Check
Title source: llmDescription
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability
Scores
CVSS v3
7.6
EPSS
0.0001
EPSS Percentile
3.1%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-353
Status
published
Products (40)
dell/alienware_aurora_r10_firmware
< 2.6.0
dell/alienware_aurora_r15_amd_firmware
< 1.13.0
dell/alienware_aurora_ryzen_edition_r14_firmware
< 2.16.0
dell/alienware_m15_r7_amd_firmware
< 1.15.0
dell/alienware_m15_ryzen_edition_r5_firmware
< 1.16.0
dell/alienware_m16_r1_amd_firmware
< 1.9.0
dell/alienware_m17_r5_amd_firmware
< 1.15.0
dell/alienware_m18_firmware
< 1.9.0
dell/g15_5515_firmware
< 1.15.0
dell/g15_5525_firmware
< 1.15.0
... and 30 more
Published
Jun 07, 2024
Tracked Since
Feb 18, 2026