CNVD-2025-02575
Vulnerability from cnvd - Published: 2025-02-06
VLAI Severity ?
Title
Dell BIOS缓冲区溢出漏洞
Description
Dell BIOS是美国戴尔(Dell)公司的一个计算机主板上小型内存芯片上的嵌入式软件。
Dell BIOS存在安全漏洞。攻击者利用该漏洞导致系统拒绝服务。
Severity
高
Patch Name
Dell BIOS缓冲区溢出漏洞的补丁
Patch Description
Dell BIOS是美国戴尔(Dell)公司的一个计算机主板上小型内存芯片上的嵌入式软件。
Dell BIOS存在安全漏洞。攻击者利用该漏洞导致系统拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-28064
Impacted products
| Name | ['DELL Alienware m15 R6 <1.22.1', 'DELL Alienware m15 R7 <1.17.0', 'DELL ChengMing 3900/3901 <1.13.0', 'DELL Dell G15 5510 <1.19.0', 'DELL Dell G15 5511 <1.22.1', 'DELL Dell G15 5520 <1.17.0', 'DELL Inspiron 14? 5410/5418 <2.19.1', 'DELL Inspiron 14 Plus 7420 <1.13.0', 'DELL Inspiron 15 3511 <1.22.1', 'DELL Inspiron 15 5510/5518 <2.19.1', 'DELL Inspiron 16 7620 2-in-1 <1.12.1', 'DELL Inspiron 16 Plus 7620 <1.13.0', 'DELL Inspiron 3511 <1.22.1', 'DELL Inspiron 3520 <1.15.0', 'DELL Inspiron 3891 <1.18.1', 'DELL Inspiron 3910 <1.13.0', 'DELL Inspiron 5310 <2.20.1', 'DELL Inspiron 5320 <1.11.1', 'DELL Inspiron 5410 <2.19.1', 'DELL Inspiron 5420 <1.14.1', 'DELL Inspiron 5620 <1.14.1', 'DELL Inspiron 7420 <1.12.1', 'DELL Inspiron 7510 <1.16.1', 'DELL Inspiron 7610 <1.16.1', 'DELL Latitude 3120 <1.17.2', 'DELL Latitude 3320 <1.22.2', 'DELL Latitude 3330 <1.13.0', 'DELL Latitude 3420 <1.29.0', 'DELL Latitude 3430 <1.10.1', 'DELL Latitude 3520 <1.29.0', 'DELL Latitude 3530 <1.10.1', 'DELL Latitude 5320 <1.28.1', 'DELL Latitude 5330 <1.13.1', 'DELL Latitude 5520 <1.28.1', 'DELL Latitude 5530 <1.13.2', 'DELL Latitude 5531 <1.14.1', 'DELL Latitude 7330 <1.14.1', 'DELL Latitude 7430 <1.14.1', 'DELL Latitude 7530 <1.14.1', 'DELL Latitude Rugged 5430 <1.18.1', 'DELL Latitude Rugged 7330 <1.18.1', 'DELL OptiPlex 3000 <1.13.1', 'DELL OptiPlex 5000 <1.13.1', 'DELL OptiPlex 5400 <1.1.28', 'DELL OptiPlex 7000 <1.13.1', 'DELL OptiPlex 7000 OEM <1.13.1', 'DELL OptiPlex 7400 <1.1.28', 'DELL OptiPlex All-in-One 7410 <1.4.1', 'DELL Precision 3560 <1.28.1', 'DELL Precision 3570 <1.13.2', 'DELL Precision 3571 <1.14.1', 'DELL Precision 5760 <1.20.1', 'DELL Precision 5770 <1.17.1', 'DELL Vostro 3420 <1.15.0', 'DELL Vostro 3510 <1.22.1', 'DELL Vostro 3520 <1.15.0', 'DELL Vostro 3910 <1.13.0', 'DELL Vostro 5310 <2.20.1', 'DELL Vostro 5320 <1.11.1', 'DELL Vostro 5410 <2.19.1', 'DELL Vostro 5510 <2.19.1', 'DELL Vostro 5620 <1.14.1', 'DELL Vostro 7510 <1.16.1', 'DELL Vostro 7620 <1.13.0', 'DELL XPS 13 9315 2-in-1 <1.8.1', 'DELL XPS 17 9710 <1.20.1', 'DELL XPS 17 9720 <1.17.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2023-28064",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-28064"
}
},
"description": "Dell BIOS\u662f\u7f8e\u56fd\u6234\u5c14\uff08Dell\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u8ba1\u7b97\u673a\u4e3b\u677f\u4e0a\u5c0f\u578b\u5185\u5b58\u82af\u7247\u4e0a\u7684\u5d4c\u5165\u5f0f\u8f6f\u4ef6\u3002\n\nDell BIOS\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7cfb\u7edf\u62d2\u7edd\u670d\u52a1\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.dell.com/support/kbdoc/en-us/000214778/dsa-2023-174-dell-client-bios-security-update-for-an-out-of-bounds-write-vulnerability",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-02575",
"openTime": "2025-02-06",
"patchDescription": "Dell BIOS\u662f\u7f8e\u56fd\u6234\u5c14\uff08Dell\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u8ba1\u7b97\u673a\u4e3b\u677f\u4e0a\u5c0f\u578b\u5185\u5b58\u82af\u7247\u4e0a\u7684\u5d4c\u5165\u5f0f\u8f6f\u4ef6\u3002\r\n\r\nDell BIOS\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7cfb\u7edf\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Dell BIOS\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"DELL Alienware m15 R6 \u003c1.22.1",
"DELL Alienware m15 R7 \u003c1.17.0",
"DELL ChengMing 3900/3901 \u003c1.13.0",
"DELL Dell G15 5510 \u003c1.19.0",
"DELL Dell G15 5511 \u003c1.22.1",
"DELL Dell G15 5520 \u003c1.17.0",
"DELL Inspiron 14? 5410/5418 \u003c2.19.1",
"DELL Inspiron 14 Plus 7420 \u003c1.13.0",
"DELL Inspiron 15 3511 \u003c1.22.1",
"DELL Inspiron 15 5510/5518 \u003c2.19.1",
"DELL Inspiron 16 7620 2-in-1 \u003c1.12.1",
"DELL Inspiron 16 Plus 7620 \u003c1.13.0",
"DELL Inspiron 3511 \u003c1.22.1",
"DELL Inspiron 3520 \u003c1.15.0",
"DELL Inspiron 3891 \u003c1.18.1",
"DELL Inspiron 3910 \u003c1.13.0",
"DELL Inspiron 5310 \u003c2.20.1",
"DELL Inspiron 5320 \u003c1.11.1",
"DELL Inspiron 5410 \u003c2.19.1",
"DELL Inspiron 5420 \u003c1.14.1",
"DELL Inspiron 5620 \u003c1.14.1",
"DELL Inspiron 7420 \u003c1.12.1",
"DELL Inspiron 7510 \u003c1.16.1",
"DELL Inspiron 7610 \u003c1.16.1",
"DELL Latitude 3120 \u003c1.17.2",
"DELL Latitude 3320 \u003c1.22.2",
"DELL Latitude 3330 \u003c1.13.0",
"DELL Latitude 3420 \u003c1.29.0",
"DELL Latitude 3430 \u003c1.10.1",
"DELL Latitude 3520 \u003c1.29.0",
"DELL Latitude 3530 \u003c1.10.1",
"DELL Latitude 5320 \u003c1.28.1",
"DELL Latitude 5330 \u003c1.13.1",
"DELL Latitude 5520 \u003c1.28.1",
"DELL Latitude 5530 \u003c1.13.2",
"DELL Latitude 5531 \u003c1.14.1",
"DELL Latitude 7330 \u003c1.14.1",
"DELL Latitude 7430 \u003c1.14.1",
"DELL Latitude 7530 \u003c1.14.1",
"DELL Latitude Rugged 5430 \u003c1.18.1",
"DELL Latitude Rugged 7330 \u003c1.18.1",
"DELL OptiPlex 3000 \u003c1.13.1",
"DELL OptiPlex 5000 \u003c1.13.1",
"DELL OptiPlex 5400 \u003c1.1.28",
"DELL OptiPlex 7000 \u003c1.13.1",
"DELL OptiPlex 7000 OEM \u003c1.13.1",
"DELL OptiPlex 7400 \u003c1.1.28",
"DELL OptiPlex All-in-One 7410 \u003c1.4.1",
"DELL Precision 3560 \u003c1.28.1",
"DELL Precision 3570 \u003c1.13.2",
"DELL Precision 3571 \u003c1.14.1",
"DELL Precision 5760 \u003c1.20.1",
"DELL Precision 5770 \u003c1.17.1",
"DELL Vostro 3420 \u003c1.15.0",
"DELL Vostro 3510 \u003c1.22.1",
"DELL Vostro 3520 \u003c1.15.0",
"DELL Vostro 3910 \u003c1.13.0",
"DELL Vostro 5310 \u003c2.20.1",
"DELL Vostro 5320 \u003c1.11.1",
"DELL Vostro 5410 \u003c2.19.1",
"DELL Vostro 5510 \u003c2.19.1",
"DELL Vostro 5620 \u003c1.14.1",
"DELL Vostro 7510 \u003c1.16.1",
"DELL Vostro 7620 \u003c1.13.0",
"DELL XPS 13 9315 2-in-1 \u003c1.8.1",
"DELL XPS 17 9710 \u003c1.20.1",
"DELL XPS 17 9720 \u003c1.17.1"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-28064",
"serverity": "\u9ad8",
"submitTime": "2023-06-28",
"title": "Dell BIOS\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…