Article Number: 000210955
DSA-2023-046: Dell Client Platform Security Update for BIOS Vulnerabilities
Summary: Dell Client Platform remediation is available for an improper input validation vulnerability that could be exploited by malicious users to compromise the affected system.
Article Content
Impact
High
Details
| Proprietary Code CVEs | CVE Description | More information |
| CVE-2023-24571 | Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution. | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H See NVD (http://nvd.nist.gov/)  for individual scores for each CVE. |
| Proprietary Code CVEs | CVE Description | More information |
| CVE-2023-24571 | Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution. | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H See NVD (http://nvd.nist.gov/) for individual scores for each CVE. |
Affected Products and Remediation
| Product | BIOS Update Version | BIOS Release Date |
| Embedded Box PC 3000 | 1.18.0 | 03/10/2023 |
NOTE: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
| Product | BIOS Update Version | BIOS Release Date |
| Embedded Box PC 3000 | 1.18.0 | 03/10/2023 |
NOTE: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Workarounds and Mitigations
None
Revision History
| Revision | Date | Description |
| 1.0 | 2023-03-15 | Initial Release |
Related Information
Legal Information
Article Properties
Affected Product
Dell Embedded Box PC 3000, Product Security Information
Last Published Date
15 Mar 2023
Article Type
Dell Security Advisory