CVE-2023-32480

moderate-risk

Published 2023-06-23

Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.

Do I need to act?

0.07% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.8/10 Medium

PHYSICAL / LOW complexity

Affected Products (20)

Xps 13 9315 2-In-1 Firmware

Xps 17 9710 Firmware

Xps 17 9720 Firmware

Alienware M15 R7 Firmware

G15 5510 Firmware

G15 5520 Firmware

Inspiron 14 5410 Firmware

Inspiron 14 5418 Firmware

Inspiron 15 5510 Firmware

Inspiron 15 5518 Firmware

Inspiron 16 7620 2-In-1 Firmware

Inspiron 3520 Firmware

Inspiron 5410 Firmware

Inspiron 5420 Firmware

Inspiron 5620 Firmware

Inspiron 7420 Firmware

Inspiron 7510 Firmware

Inspiron 7610 Firmware

Latitude 3320 Firmware

Latitude 3420 Firmware

Affected Vendors

Dell

References (2)

Vendor Advisory https://www.dell.com/support/kbdoc/en-us/000214779/dsa-2023-175-dell-client-bios...

/ 100

moderate-risk

Severity 22/34 · High

Exploitability 0/34 · Minimal

Exposure 23/34 · High