CVE-2023-32471

moderate-risk

Published 2024-07-24

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits.

Do I need to act?

0.11% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.0/10 Medium

LOCAL / LOW complexity

Affected Products (10)

Edge Gateway 3200 Firmware

Edge Gateway 5200 Firmware

Precision 3930 Rack Firmware

Optiplex 7080 Firmware

Precision 5520 Firmware

Inspiron 7460 Firmware

Precision 5820 Tower Firmware

G5 5587 Firmware

G7 7588 Firmware

Vostro 15 7580 Firmware

Affected Vendors

Dell

References (2)

Vendor Advisory https://www.dell.com/support/kbdoc/en-us/000214917/dsa-2023-225-security-update-...

/ 100

moderate-risk

Severity 20/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 16/34 · Moderate