CVE-2023-25537
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-02-07 CVE Reserved
- 2023-05-22 CVE Published
- 2023-05-23 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | Poweredge R740 Firmware Search vendor "Dell" for product "Poweredge R740 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge R740 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge R740 Search vendor "Dell" for product "Poweredge R740" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge R740xd Firmware Search vendor "Dell" for product "Poweredge R740xd Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge R740xd Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge R740xd Search vendor "Dell" for product "Poweredge R740xd" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge R640 Firmware Search vendor "Dell" for product "Poweredge R640 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge R640 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge R640 Search vendor "Dell" for product "Poweredge R640" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge R940 Firmware Search vendor "Dell" for product "Poweredge R940 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge R940 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge R940 Search vendor "Dell" for product "Poweredge R940" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge R540 Firmware Search vendor "Dell" for product "Poweredge R540 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge R540 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge R540 Search vendor "Dell" for product "Poweredge R540" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge R440 Firmware Search vendor "Dell" for product "Poweredge R440 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge R440 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge R440 Search vendor "Dell" for product "Poweredge R440" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge T440 Firmware Search vendor "Dell" for product "Poweredge T440 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge T440 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge T440 Search vendor "Dell" for product "Poweredge T440" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge Xr2 Firmware Search vendor "Dell" for product "Poweredge Xr2 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge Xr2 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge Xr2 Search vendor "Dell" for product "Poweredge Xr2" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge R740xd2 Firmware Search vendor "Dell" for product "Poweredge R740xd2 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge R740xd2 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge R740xd2 Search vendor "Dell" for product "Poweredge R740xd2" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge R840 Firmware Search vendor "Dell" for product "Poweredge R840 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge R840 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge R840 Search vendor "Dell" for product "Poweredge R840" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge R940xa Firmware Search vendor "Dell" for product "Poweredge R940xa Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge R940xa Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge R940xa Search vendor "Dell" for product "Poweredge R940xa" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge T640 Firmware Search vendor "Dell" for product "Poweredge T640 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge T640 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge T640 Search vendor "Dell" for product "Poweredge T640" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge C6420 Firmware Search vendor "Dell" for product "Poweredge C6420 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge C6420 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge C6420 Search vendor "Dell" for product "Poweredge C6420" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge Fc640 Firmware Search vendor "Dell" for product "Poweredge Fc640 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge Fc640 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge Fc640 Search vendor "Dell" for product "Poweredge Fc640" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge M640 Firmware Search vendor "Dell" for product "Poweredge M640 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge M640 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge M640 Search vendor "Dell" for product "Poweredge M640" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge Mx740c Firmware Search vendor "Dell" for product "Poweredge Mx740c Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge Mx740c Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge Mx740c Search vendor "Dell" for product "Poweredge Mx740c" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge Mx840c Firmware Search vendor "Dell" for product "Poweredge Mx840c Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge Mx840c Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge Mx840c Search vendor "Dell" for product "Poweredge Mx840c" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge C4140 Firmware Search vendor "Dell" for product "Poweredge C4140 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge C4140 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge C4140 Search vendor "Dell" for product "Poweredge C4140" | - | - |
Safe
|
| Dell Search vendor "Dell" | Dss 8440 Firmware Search vendor "Dell" for product "Dss 8440 Firmware" | < 2.18.1 Search vendor "Dell" for product "Dss 8440 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Dss 8440 Search vendor "Dell" for product "Dss 8440" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge Xe2420 Firmware Search vendor "Dell" for product "Poweredge Xe2420 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge Xe2420 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge Xe2420 Search vendor "Dell" for product "Poweredge Xe2420" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge Xe7420 Firmware Search vendor "Dell" for product "Poweredge Xe7420 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge Xe7420 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge Xe7420 Search vendor "Dell" for product "Poweredge Xe7420" | - | - |
Safe
|
| Dell Search vendor "Dell" | Poweredge Xe7440 Firmware Search vendor "Dell" for product "Poweredge Xe7440 Firmware" | < 2.18.1 Search vendor "Dell" for product "Poweredge Xe7440 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Poweredge Xe7440 Search vendor "Dell" for product "Poweredge Xe7440" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Storage Nx3240 Firmware Search vendor "Dell" for product "Emc Storage Nx3240 Firmware" | < 2.18.1 Search vendor "Dell" for product "Emc Storage Nx3240 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Storage Nx3240 Search vendor "Dell" for product "Emc Storage Nx3240" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Storage Nx3340 Firmware Search vendor "Dell" for product "Emc Storage Nx3340 Firmware" | < 2.18.1 Search vendor "Dell" for product "Emc Storage Nx3340 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Storage Nx3340 Search vendor "Dell" for product "Emc Storage Nx3340" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Xc Core 6420 Firmware Search vendor "Dell" for product "Emc Xc Core 6420 Firmware" | < 2.18.1 Search vendor "Dell" for product "Emc Xc Core 6420 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Xc Core 6420 Search vendor "Dell" for product "Emc Xc Core 6420" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Xc Core Xc640 Firmware Search vendor "Dell" for product "Emc Xc Core Xc640 Firmware" | < 2.18.1 Search vendor "Dell" for product "Emc Xc Core Xc640 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Xc Core Xc640 Search vendor "Dell" for product "Emc Xc Core Xc640" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Xc Core Xc740xd Firmware Search vendor "Dell" for product "Emc Xc Core Xc740xd Firmware" | < 2.18.1 Search vendor "Dell" for product "Emc Xc Core Xc740xd Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Xc Core Xc740xd Search vendor "Dell" for product "Emc Xc Core Xc740xd" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Xc Core Xc740xd2 Firmware Search vendor "Dell" for product "Emc Xc Core Xc740xd2 Firmware" | < 2.18.1 Search vendor "Dell" for product "Emc Xc Core Xc740xd2 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Xc Core Xc740xd2 Search vendor "Dell" for product "Emc Xc Core Xc740xd2" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Xc Core Xc940 Firmware Search vendor "Dell" for product "Emc Xc Core Xc940 Firmware" | < 2.18.1 Search vendor "Dell" for product "Emc Xc Core Xc940 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Xc Core Xc940 Search vendor "Dell" for product "Emc Xc Core Xc940" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Xc Core Xcxr2 Firmware Search vendor "Dell" for product "Emc Xc Core Xcxr2 Firmware" | < 2.18.1 Search vendor "Dell" for product "Emc Xc Core Xcxr2 Firmware" and version " < 2.18.1" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Xc Core Xcxr2 Search vendor "Dell" for product "Emc Xc Core Xcxr2" | - | - |
Safe
|