Vulnerability Details CVE-2023-44297
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.3%
CVSS Severity
CVSS v3 Score 7.1
References
- https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability
- https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability
Products affected by CVE-2023-44297
-
cpe:2.3:h:dell:poweredge_c6620:-
-
cpe:2.3:h:dell:poweredge_hs5610:-
-
cpe:2.3:h:dell:poweredge_hs5620:-
-
cpe:2.3:h:dell:poweredge_mx760c:-
-
cpe:2.3:h:dell:poweredge_r660:-
-
cpe:2.3:h:dell:poweredge_r660xs:-
-
cpe:2.3:h:dell:poweredge_r760:-
-
cpe:2.3:h:dell:poweredge_r760xa:-
-
cpe:2.3:h:dell:poweredge_r760xd2:-
-
cpe:2.3:h:dell:poweredge_r760xs:-
-
cpe:2.3:h:dell:poweredge_r860:-
-
cpe:2.3:h:dell:poweredge_r960:-
-
cpe:2.3:h:dell:poweredge_t560:-
-
cpe:2.3:o:dell:poweredge_c6620_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_hs5610_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_hs5620_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_mx760c_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_r660_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_r660xs_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_r760_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_r760xa_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_r760xd2_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_r760xs_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_r860_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_r960_firmware:1.4.4
-
cpe:2.3:o:dell:poweredge_t560_firmware:1.4.4