CVE-2023-28074

Summary

Dell BSAFE Crypto-C Micro Edition, version 4.1.5, and Dell BSAFE Micro Edition Suite, versions 4.0 through 4.6.1 and version 5.0, contains an Out-of-bounds Read vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

Affected Software

VendorProductVersion RangeStatus
DellDell BSAFE Micro Edition Suite5.0affected
DellDell BSAFE Micro Edition Suite4.0 <= 4.6.1affected
DellDell BSAFE Crypto-C Micro Edition4.0 <= 4.1.5affected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

Workarounds

This issue can be mitigated by a workaround, if customer’s implementations are deemed to be vulnerable. Customers with an active maintenance contract can contact BSAFE Support for details about the workaround.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References