cnvd-2025-02575
Vulnerability from cnvd
Title: Dell BIOS缓冲区溢出漏洞
Description:
Dell BIOS是美国戴尔(Dell)公司的一个计算机主板上小型内存芯片上的嵌入式软件。
Dell BIOS存在安全漏洞。攻击者利用该漏洞导致系统拒绝服务。
Severity: 高
Patch Name: Dell BIOS缓冲区溢出漏洞的补丁
Patch Description:
Dell BIOS是美国戴尔(Dell)公司的一个计算机主板上小型内存芯片上的嵌入式软件。
Dell BIOS存在安全漏洞。攻击者利用该漏洞导致系统拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
厂商已发布了漏洞修复程序,请及时关注更新: https://www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability
Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-28064
Impacted products
| Name | ['DELL Alienware m15 R6 <1.22.1', 'DELL Alienware m15 R7 <1.17.0', 'DELL ChengMing 3900/3901 <1.13.0', 'DELL Dell G15 5510 <1.19.0', 'DELL Dell G15 5511 <1.22.1', 'DELL Dell G15 5520 <1.17.0', 'DELL Inspiron 14? 5410/5418 <2.19.1', 'DELL Inspiron 14 Plus 7420 <1.13.0', 'DELL Inspiron 15 3511 <1.22.1', 'DELL Inspiron 15 5510/5518 <2.19.1', 'DELL Inspiron 16 7620 2-in-1 <1.12.1', 'DELL Inspiron 16 Plus 7620 <1.13.0', 'DELL Inspiron 3511 <1.22.1', 'DELL Inspiron 3520 <1.15.0', 'DELL Inspiron 3891 <1.18.1', 'DELL Inspiron 3910 <1.13.0', 'DELL Inspiron 5310 <2.20.1', 'DELL Inspiron 5320 <1.11.1', 'DELL Inspiron 5410 <2.19.1', 'DELL Inspiron 5420 <1.14.1', 'DELL Inspiron 5620 <1.14.1', 'DELL Inspiron 7420 <1.12.1', 'DELL Inspiron 7510 <1.16.1', 'DELL Inspiron 7610 <1.16.1', 'DELL Latitude 3120 <1.17.2', 'DELL Latitude 3320 <1.22.2', 'DELL Latitude 3330 <1.13.0', 'DELL Latitude 3420 <1.29.0', 'DELL Latitude 3430 <1.10.1', 'DELL Latitude 3520 <1.29.0', 'DELL Latitude 3530 <1.10.1', 'DELL Latitude 5320 <1.28.1', 'DELL Latitude 5330 <1.13.1', 'DELL Latitude 5520 <1.28.1', 'DELL Latitude 5530 <1.13.2', 'DELL Latitude 5531 <1.14.1', 'DELL Latitude 7330 <1.14.1', 'DELL Latitude 7430 <1.14.1', 'DELL Latitude 7530 <1.14.1', 'DELL Latitude Rugged 5430 <1.18.1', 'DELL Latitude Rugged 7330 <1.18.1', 'DELL OptiPlex 3000 <1.13.1', 'DELL OptiPlex 5000 <1.13.1', 'DELL OptiPlex 5400 <1.1.28', 'DELL OptiPlex 7000 <1.13.1', 'DELL OptiPlex 7000 OEM <1.13.1', 'DELL OptiPlex 7400 <1.1.28', 'DELL OptiPlex All-in-One 7410 <1.4.1', 'DELL Precision 3560 <1.28.1', 'DELL Precision 3570 <1.13.2', 'DELL Precision 3571 <1.14.1', 'DELL Precision 5760 <1.20.1', 'DELL Precision 5770 <1.17.1', 'DELL Vostro 3420 <1.15.0', 'DELL Vostro 3510 <1.22.1', 'DELL Vostro 3520 <1.15.0', 'DELL Vostro 3910 <1.13.0', 'DELL Vostro 5310 <2.20.1', 'DELL Vostro 5320 <1.11.1', 'DELL Vostro 5410 <2.19.1', 'DELL Vostro 5510 <2.19.1', 'DELL Vostro 5620 <1.14.1', 'DELL Vostro 7510 <1.16.1', 'DELL Vostro 7620 <1.13.0', 'DELL XPS 13 9315 2-in-1 <1.8.1', 'DELL XPS 17 9710 <1.20.1', 'DELL XPS 17 9720 <1.17.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2023-28064",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-28064"
}
},
"description": "Dell BIOS\u662f\u7f8e\u56fd\u6234\u5c14\uff08Dell\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u8ba1\u7b97\u673a\u4e3b\u677f\u4e0a\u5c0f\u578b\u5185\u5b58\u82af\u7247\u4e0a\u7684\u5d4c\u5165\u5f0f\u8f6f\u4ef6\u3002\n\nDell BIOS\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7cfb\u7edf\u62d2\u7edd\u670d\u52a1\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-02575",
"openTime": "2025-02-06",
"patchDescription": "Dell BIOS\u662f\u7f8e\u56fd\u6234\u5c14\uff08Dell\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u8ba1\u7b97\u673a\u4e3b\u677f\u4e0a\u5c0f\u578b\u5185\u5b58\u82af\u7247\u4e0a\u7684\u5d4c\u5165\u5f0f\u8f6f\u4ef6\u3002\r\n\r\nDell BIOS\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7cfb\u7edf\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Dell BIOS\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"DELL Alienware m15 R6 \u003c1.22.1",
"DELL Alienware m15 R7 \u003c1.17.0",
"DELL ChengMing 3900/3901 \u003c1.13.0",
"DELL Dell G15 5510 \u003c1.19.0",
"DELL Dell G15 5511 \u003c1.22.1",
"DELL Dell G15 5520 \u003c1.17.0",
"DELL Inspiron 14? 5410/5418 \u003c2.19.1",
"DELL Inspiron 14 Plus 7420 \u003c1.13.0",
"DELL Inspiron 15 3511 \u003c1.22.1",
"DELL Inspiron 15 5510/5518 \u003c2.19.1",
"DELL Inspiron 16 7620 2-in-1 \u003c1.12.1",
"DELL Inspiron 16 Plus 7620 \u003c1.13.0",
"DELL Inspiron 3511 \u003c1.22.1",
"DELL Inspiron 3520 \u003c1.15.0",
"DELL Inspiron 3891 \u003c1.18.1",
"DELL Inspiron 3910 \u003c1.13.0",
"DELL Inspiron 5310 \u003c2.20.1",
"DELL Inspiron 5320 \u003c1.11.1",
"DELL Inspiron 5410 \u003c2.19.1",
"DELL Inspiron 5420 \u003c1.14.1",
"DELL Inspiron 5620 \u003c1.14.1",
"DELL Inspiron 7420 \u003c1.12.1",
"DELL Inspiron 7510 \u003c1.16.1",
"DELL Inspiron 7610 \u003c1.16.1",
"DELL Latitude 3120 \u003c1.17.2",
"DELL Latitude 3320 \u003c1.22.2",
"DELL Latitude 3330 \u003c1.13.0",
"DELL Latitude 3420 \u003c1.29.0",
"DELL Latitude 3430 \u003c1.10.1",
"DELL Latitude 3520 \u003c1.29.0",
"DELL Latitude 3530 \u003c1.10.1",
"DELL Latitude 5320 \u003c1.28.1",
"DELL Latitude 5330 \u003c1.13.1",
"DELL Latitude 5520 \u003c1.28.1",
"DELL Latitude 5530 \u003c1.13.2",
"DELL Latitude 5531 \u003c1.14.1",
"DELL Latitude 7330 \u003c1.14.1",
"DELL Latitude 7430 \u003c1.14.1",
"DELL Latitude 7530 \u003c1.14.1",
"DELL Latitude Rugged 5430 \u003c1.18.1",
"DELL Latitude Rugged 7330 \u003c1.18.1",
"DELL OptiPlex 3000 \u003c1.13.1",
"DELL OptiPlex 5000 \u003c1.13.1",
"DELL OptiPlex 5400 \u003c1.1.28",
"DELL OptiPlex 7000 \u003c1.13.1",
"DELL OptiPlex 7000 OEM \u003c1.13.1",
"DELL OptiPlex 7400 \u003c1.1.28",
"DELL OptiPlex All-in-One 7410 \u003c1.4.1",
"DELL Precision 3560 \u003c1.28.1",
"DELL Precision 3570 \u003c1.13.2",
"DELL Precision 3571 \u003c1.14.1",
"DELL Precision 5760 \u003c1.20.1",
"DELL Precision 5770 \u003c1.17.1",
"DELL Vostro 3420 \u003c1.15.0",
"DELL Vostro 3510 \u003c1.22.1",
"DELL Vostro 3520 \u003c1.15.0",
"DELL Vostro 3910 \u003c1.13.0",
"DELL Vostro 5310 \u003c2.20.1",
"DELL Vostro 5320 \u003c1.11.1",
"DELL Vostro 5410 \u003c2.19.1",
"DELL Vostro 5510 \u003c2.19.1",
"DELL Vostro 5620 \u003c1.14.1",
"DELL Vostro 7510 \u003c1.16.1",
"DELL Vostro 7620 \u003c1.13.0",
"DELL XPS 13 9315 2-in-1 \u003c1.8.1",
"DELL XPS 17 9710 \u003c1.20.1",
"DELL XPS 17 9720 \u003c1.17.1"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-28064",
"serverity": "\u9ad8",
"submitTime": "2023-06-28",
"title": "Dell BIOS\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…