Skip to main content

Alienware M15 R6 Firmware CVE-2023-28064

MEDIUM
Out-of-bounds Write (CWE-787)
2023-06-23 security_alert@emc.com
Memory Corruption Buffer Overflow Denial Of Service Dell Alienware M15 R6 Firmware Alienware M15 R7 Firmware Chengming 3900 Firmware Chengming 3901 Firmware G15 5510 Firmware G15 5511 Firmware G15 5520 Firmware Inspiron 14 5418 Firmware Inspiron 14 5410 Firmware Inspiron 14 Plus 7420 Firmware Inspiron 15 3511 Firmware Inspiron 15 5510 Firmware Inspiron 15 5518 Firmware Inspiron 16 7620 2 In 1 Firmware Inspiron 16 Plus 7620 Firmware Inspiron 3511 Firmware Inspiron 3520 Firmware Inspiron 3891 Firmware Inspiron 3910 Firmware Inspiron 5310 Firmware Inspiron 5320 Firmware Inspiron 5410 Firmware Inspiron 5420 Firmware Inspiron 5620 Firmware Inspiron 7420 Firmware Inspiron 7510 Firmware Inspiron 7610 Firmware Latitude 3120 Firmware Latitude 3320 Firmware Latitude 3330 Firmware Latitude 3420 Firmware Latitude 3430 Firmware Latitude 3520 Firmware Latitude 3530 Firmware Latitude 5320 Firmware Latitude 5330 Firmware Latitude 5520 Firmware Latitude 5530 Firmware Latitude 5531 Firmware Latitude 7330 Firmware Latitude 7430 Firmware Latitude 7530 Firmware Latitude Rugged 5430 Firmware Latitude Rugged 7330 Firmware Optiplex 3000 Firmware Optiplex 5000 Firmware Optiplex 5400 Firmware Optiplex 7000 Firmware Optiplex 7000 Oem Firmware Optiplex 7400 Firmware Optiplex 7410 All In One Firmware Precision 3560 Firmware Precision 3570 Firmware Precision 3571 Firmware Precision 5760 Firmware Precision 5770 Firmware Vostro 3420 Firmware Vostro 3510 Firmware Vostro 3520 Firmware Vostro 3910 Firmware Vostro 5310 Firmware Vostro 5320 Firmware Vostro 5410 Firmware Vostro 5510 Firmware Vostro 5620 Firmware Vostro 7510 Firmware Vostro 7620 Firmware Xps 13 9315 2 In 1 Firmware Xps 17 9710 Firmware Xps 17 9720 Firmware
4.6
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.6 MEDIUM
AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 23, 2023 - 11:15 nvd
MEDIUM 4.6

DescriptionNVD

Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.

AnalysisAI

Dell BIOS contains an Out-of-bounds Write vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. Affected products include: Dell Alienware M15 R6 Firmware, Dell Alienware M15 R7 Firmware, Dell Chengming 3900 Firmware, Dell Chengming 3901 Firmware, Dell G15 5510 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

CVE-2024-52541 HIGH
8.2 Feb 19

Dell Client Platform BIOS contains a Weak Authentication vulnerability. Rated high severity (CVSS 8.2), this vulnerabili

CVE-2022-26861 HIGH
7.8 Sep 06

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. Rated high severity (CVSS 7.8), this vulner

CVE-2022-26860 HIGH
7.8 Sep 06

Dell BIOS versions contain a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerabili

CVE-2022-26858 HIGH
7.8 Sep 06

Dell BIOS versions contain an Improper Authentication vulnerability. Rated high severity (CVSS 7.8), this vulnerability

CVE-2021-21574 HIGH
7.5 Jun 24

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch avail

CVE-2021-21573 HIGH
7.5 Jun 24

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch avail

CVE-2021-21572 HIGH
7.5 Jun 24

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch avail

CVE-2022-26859 HIGH
7.0 Sep 06

Dell BIOS contains a race condition vulnerability. Rated high severity (CVSS 7.0). No vendor patch available.

CVE-2025-29988 MEDIUM
6.9 Apr 09

Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. Rated medium severity (CVSS 6.9), this v

CVE-2024-0158 MEDIUM
6.7 Jul 02

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28060 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28058 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

Share

CVE-2023-28064 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy