CVE-2023-32475

moderate-risk
Published 2024-06-07

Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.

Do I need to act?

-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.6/10 High
PHYSICAL / LOW complexity

Affected Products (20)

Vostro 5625 Firmware
Vostro 5515 Firmware
Vostro 5415 Firmware
Vostro 3405 Firmware
Vostro 16 5635 Firmware
Vostro 15 3535 Firmware
Vostro 15 3525 Firmware
Vostro 15 3515 Firmware
Vostro 14 3435 Firmware
Vostro 14 3425 Firmware
Inspiron 7415 2-In-1 Firmware
Inspiron 7405 2-In-1 Firmware
Inspiron 5515 Firmware
Inspiron 5505 Firmware
Inspiron 5415 Firmware
Inspiron 5405 Firmware
Inspiron 3505 Firmware
Inspiron 24 5415 All-In-One Firmware
Inspiron 16 7635 2-In-1 Firmware
Inspiron 16 5635 Firmware

Affected Vendors

Dell

References (2)

Vendor Advisory https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-...
Vendor Advisory https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-...
48
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 0/34 · Minimal
Exposure 24/34 · High