CVE-2023-43088
HIGHDell Precision 7865 Tower Firmware < 1.5.0 - Authenticated Arbitrary Code Execution via DMA
Title source: llmDescription
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://www.dell.com/support/kbdoc/en-us/000218223/dsa-2023-377
Scores
CVSS v3
7.2
EPSS
0.0005
EPSS Percentile
15.8%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-16
Status
published
Products (1)
dell/precision_7865_tower_firmware
< 1.5.0
Published
Dec 22, 2023
Tracked Since
Feb 18, 2026