CVE-2023-48674
6.8
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Summary
Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | CPG BIOS | N/A < 1.28.0 | affected |
| Dell | CPG BIOS | N/A < 1.27.1 | affected |
| Dell | CPG BIOS | N/A < 1.24.0 | affected |
| Dell | CPG BIOS | N/A < 1.12.0 | affected |
| Dell | CPG BIOS | N/A < 1.32.0 | affected |
| Dell | CPG BIOS | N/A < 1.26.0 | affected |
| Dell | CPG BIOS | N/A < 1.27.0 | affected |
| Dell | CPG BIOS | N/A < 1.11.0 | affected |
| Dell | CPG BIOS | N/A < 1.20.0 | affected |
| Dell | CPG BIOS | N/A < 1.9.0 | affected |
| Dell | CPG BIOS | N/A < 3.20.0 | affected |
| Dell | CPG BIOS | N/A < 1.17.0 | affected |
Weaknesses
- CWE-170: CWE-170: Improper Null Termination
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.