CVE-2023-44298

LOW

Dell PowerEdge 16G Intel E5 BIOS 1.4.4 - Unauthenticated Information Tampering and Code Execution

Title source: llm

Description

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information tampering, code execution, denial of service.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory

https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability

Scores

CVSS v3 3.6

EPSS 0.0005

EPSS Percentile 16.8%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

Details

CWE

CWE-667 CWE-1234

Status published

Products (13)

dell/poweredge_c6620_firmware 1.4.4

dell/poweredge_hs5610_firmware 1.4.4

dell/poweredge_hs5620_firmware 1.4.4

dell/poweredge_mx760c_firmware 1.4.4

dell/poweredge_r660_firmware 1.4.4

dell/poweredge_r660xs_firmware 1.4.4

dell/poweredge_r760_firmware 1.4.4

dell/poweredge_r760xa_firmware 1.4.4

dell/poweredge_r760xd2_firmware 1.4.4

dell/poweredge_r760xs_firmware 1.4.4

... and 3 more

Published Dec 05, 2023

Tracked Since Feb 18, 2026