CVE-2023-25537

 

  • Severity Score (CVSS v3.1): 7.8
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits (Multiple Sources): 0
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -

Descriptions

Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2 contain an out-of-bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability, leading to exposure of some SMRAM stack/data/code in System Management Mode and to arbitrary code execution or escalation of privilege.

*Credits: N/A
CVSS Scores
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: Low
  • Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-02-07 CVE Reserved
  • 2023-05-22 CVE Published
  • 2023-05-23 EPSS Updated
  • 2024-08-02 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor   Product                        Version   Other  Status
Dell     Poweredge R740 Firmware        < 2.18.1  -      Affected
in Dell  Poweredge R740                 -         -      Safe
Dell     Poweredge R740xd Firmware      < 2.18.1  -      Affected
in Dell  Poweredge R740xd               -         -      Safe
Dell     Poweredge R640 Firmware        < 2.18.1  -      Affected
in Dell  Poweredge R640                 -         -      Safe
Dell     Poweredge R940 Firmware        < 2.18.1  -      Affected
in Dell  Poweredge R940                 -         -      Safe
Dell     Poweredge R540 Firmware        < 2.18.1  -      Affected
in Dell  Poweredge R540                 -         -      Safe
Dell     Poweredge R440 Firmware        < 2.18.1  -      Affected
in Dell  Poweredge R440                 -         -      Safe
Dell     Poweredge T440 Firmware        < 2.18.1  -      Affected
in Dell  Poweredge T440                 -         -      Safe
Dell     Poweredge Xr2 Firmware         < 2.18.1  -      Affected
in Dell  Poweredge Xr2                  -         -      Safe
Dell     Poweredge R740xd2 Firmware     < 2.18.1  -      Affected
in Dell  Poweredge R740xd2              -         -      Safe
Dell     Poweredge R840 Firmware        < 2.18.1  -      Affected
in Dell  Poweredge R840                 -         -      Safe
Dell     Poweredge R940xa Firmware      < 2.18.1  -      Affected
in Dell  Poweredge R940xa               -         -      Safe
Dell     Poweredge T640 Firmware        < 2.18.1  -      Affected
in Dell  Poweredge T640                 -         -      Safe
Dell     Poweredge C6420 Firmware       < 2.18.1  -      Affected
in Dell  Poweredge C6420                -         -      Safe
Dell     Poweredge Fc640 Firmware       < 2.18.1  -      Affected
in Dell  Poweredge Fc640                -         -      Safe
Dell     Poweredge M640 Firmware        < 2.18.1  -      Affected
in Dell  Poweredge M640                 -         -      Safe
Dell     Poweredge Mx740c Firmware      < 2.18.1  -      Affected
in Dell  Poweredge Mx740c               -         -      Safe
Dell     Poweredge Mx840c Firmware      < 2.18.1  -      Affected
in Dell  Poweredge Mx840c               -         -      Safe
Dell     Poweredge C4140 Firmware       < 2.18.1  -      Affected
in Dell  Poweredge C4140                -         -      Safe
Dell     Dss 8440 Firmware              < 2.18.1  -      Affected
in Dell  Dss 8440                       -         -      Safe
Dell     Poweredge Xe2420 Firmware      < 2.18.1  -      Affected
in Dell  Poweredge Xe2420               -         -      Safe
Dell     Poweredge Xe7420 Firmware      < 2.18.1  -      Affected
in Dell  Poweredge Xe7420               -         -      Safe
Dell     Poweredge Xe7440 Firmware      < 2.18.1  -      Affected
in Dell  Poweredge Xe7440               -         -      Safe
Dell     Emc Storage Nx3240 Firmware    < 2.18.1  -      Affected
in Dell  Emc Storage Nx3240             -         -      Safe
Dell     Emc Storage Nx3340 Firmware    < 2.18.1  -      Affected
in Dell  Emc Storage Nx3340             -         -      Safe
Dell     Emc Xc Core 6420 Firmware      < 2.18.1  -      Affected
in Dell  Emc Xc Core 6420               -         -      Safe
Dell     Emc Xc Core Xc640 Firmware     < 2.18.1  -      Affected
in Dell  Emc Xc Core Xc640              -         -      Safe
Dell     Emc Xc Core Xc740xd Firmware   < 2.18.1  -      Affected
in Dell  Emc Xc Core Xc740xd            -         -      Safe
Dell     Emc Xc Core Xc740xd2 Firmware  < 2.18.1  -      Affected
in Dell  Emc Xc Core Xc740xd2           -         -      Safe
Dell     Emc Xc Core Xc940 Firmware     < 2.18.1  -      Affected
in Dell  Emc Xc Core Xc940              -         -      Safe
Dell     Emc Xc Core Xcxr2 Firmware     < 2.18.1  -      Affected
in Dell  Emc Xc Core Xcxr2              -         -      Safe