CVE-2023-48674

Summary

Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function.

Affected Software

VendorProductVersion RangeStatus
DellCPG BIOSN/A < 1.28.0affected
DellCPG BIOSN/A < 1.27.1affected
DellCPG BIOSN/A < 1.24.0affected
DellCPG BIOSN/A < 1.12.0affected
DellCPG BIOSN/A < 1.32.0affected
DellCPG BIOSN/A < 1.26.0affected
DellCPG BIOSN/A < 1.27.0affected
DellCPG BIOSN/A < 1.11.0affected
DellCPG BIOSN/A < 1.20.0affected
DellCPG BIOSN/A < 1.9.0affected
DellCPG BIOSN/A < 3.20.0affected
DellCPG BIOSN/A < 1.17.0affected

Weaknesses

  • CWE-170: CWE-170: Improper Null Termination

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References