ГлавнаяУязвимости → CVE-2023-32475
7.6высокая

CVE-2023-32475

Описание

Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.

Затрагиваемое ПО
Dell Vostro 5625 firmwareDell Vostro 5625Dell Vostro 5515 firmwareDell Vostro 5515Dell Vostro 5415 firmwareDell Vostro 5415Dell Vostro 3405 firmwareDell Vostro 3405Dell Vostro 16 5635 firmwareDell Vostro 16 5635Dell Vostro 15 3535 firmwareDell Vostro 15 3535Dell Vostro 15 3525 firmwareDell Vostro 15 3525Dell Vostro 15 3515 firmwareDell Vostro 15 3515Dell Vostro 14 3435 firmwareDell Vostro 14 3435Dell Vostro 14 3425 firmwareDell Vostro 14 3425Dell Inspiron 7415 2-in-1 firmwareDell Inspiron 7415 2-in-1Dell Inspiron 7405 2-in-1 firmwareDell Inspiron 7405 2-in-1Dell Inspiron 5515 firmware
CVSS
Балл7.6 — высокая
ВекторCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Источники
https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerabilityhttps://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability