SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2023-25936

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:		CVSS V2 Severity:
CVSS Score : 6.7		CVSS Score :
Exploit Score: 0.8		Exploit Score:
Impact Score: 5.9		Impact Score:

CVSS V3 Metrics:		CVSS V2 Metrics:
Attack Vector: LOCAL		Access Vector:
Attack Complexity: LOW		Access Complexity:
Privileges Required: HIGH		Authentication:
User Interaction: NONE		Confidentiality:
Scope: UNCHANGED		Integrity:
Confidentiality: HIGH		Availability:
Integrity: HIGH
Availability: HIGH

Reference:

https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities


30479



423868



250039



909



195882



282