Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
High
Attack Vector
Local
0

CVE-2023-32466

Disclosure Date: July 24, 2024
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
5.7 Medium
Impact Score:
3.7
Exploitability Score:
1.5
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
High
User Interaction (UI):
None
Scope (S):
Changed
Confidentiality (C):
Low
Integrity (I):
Low
Availability (A):
Low

General Information

Vendors

  • dell

Products

  • edge gateway 3200 firmware

Additional Info

Technical Analysis