CVE-2023-25537
 
Severity Score: 7.8 (CVSS v3.1)
Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: Track* (SSVC)
Descriptions
Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2 contain an out-of-bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability to expose some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.
Credits: N/A
SSVC
- Decision: Track*
* Organization's Worst-case Scenario
Timeline
- 2023-02-07 CVE Reserved
- 2023-05-22 CVE Published
- 2025-01-21 CVE Updated
- 2025-04-15 EPSS Updated
CWE
- CWE-787: Out-of-bounds Write
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Dell | Poweredge R740 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge R740 | - | - | Safe |
Dell | Poweredge R740xd Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge R740xd | - | - | Safe |
Dell | Poweredge R640 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge R640 | - | - | Safe |
Dell | Poweredge R940 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge R940 | - | - | Safe |
Dell | Poweredge R540 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge R540 | - | - | Safe |
Dell | Poweredge R440 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge R440 | - | - | Safe |
Dell | Poweredge T440 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge T440 | - | - | Safe |
Dell | Poweredge Xr2 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge Xr2 | - | - | Safe |
Dell | Poweredge R740xd2 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge R740xd2 | - | - | Safe |
Dell | Poweredge R840 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge R840 | - | - | Safe |
Dell | Poweredge R940xa Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge R940xa | - | - | Safe |
Dell | Poweredge T640 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge T640 | - | - | Safe |
Dell | Poweredge C6420 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge C6420 | - | - | Safe |
Dell | Poweredge Fc640 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge Fc640 | - | - | Safe |
Dell | Poweredge M640 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge M640 | - | - | Safe |
Dell | Poweredge Mx740c Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge Mx740c | - | - | Safe |
Dell | Poweredge Mx840c Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge Mx840c | - | - | Safe |
Dell | Poweredge C4140 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge C4140 | - | - | Safe |
Dell | Dss 8440 Firmware | < 2.18.1 | - | Affected | in | Dell | Dss 8440 | - | - | Safe |
Dell | Poweredge Xe2420 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge Xe2420 | - | - | Safe |
Dell | Poweredge Xe7420 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge Xe7420 | - | - | Safe |
Dell | Poweredge Xe7440 Firmware | < 2.18.1 | - | Affected | in | Dell | Poweredge Xe7440 | - | - | Safe |
Dell | Emc Storage Nx3240 Firmware | < 2.18.1 | - | Affected | in | Dell | Emc Storage Nx3240 | - | - | Safe |
Dell | Emc Storage Nx3340 Firmware | < 2.18.1 | - | Affected | in | Dell | Emc Storage Nx3340 | - | - | Safe |
Dell | Emc Xc Core 6420 Firmware | < 2.18.1 | - | Affected | in | Dell | Emc Xc Core 6420 | - | - | Safe |
Dell | Emc Xc Core Xc640 Firmware | < 2.18.1 | - | Affected | in | Dell | Emc Xc Core Xc640 | - | - | Safe |
Dell | Emc Xc Core Xc740xd Firmware | < 2.18.1 | - | Affected | in | Dell | Emc Xc Core Xc740xd | - | - | Safe |
Dell | Emc Xc Core Xc740xd2 Firmware | < 2.18.1 | - | Affected | in | Dell | Emc Xc Core Xc740xd2 | - | - | Safe |
Dell | Emc Xc Core Xc940 Firmware | < 2.18.1 | - | Affected | in | Dell | Emc Xc Core Xc940 | - | - | Safe |
Dell | Emc Xc Core Xcxr2 Firmware | < 2.18.1 | - | Affected | in | Dell | Emc Xc Core Xcxr2 | - | - | Safe |