Skip to main content

Alienware M15 R7 Firmware CVE-2023-32453

LOW
Improper Authentication (CWE-287)
2023-08-16 security_alert@emc.com
Dell Authentication Bypass Alienware M15 R7 Firmware Alienware M16 Firmware Alienware M18 Firmware Chengming 3900 Firmware Chengming 3901 Firmware Chengming 3910 Firmware Chengming 3911 Firmware G15 5520 Firmware G16 7620 Firmware G3 3500 Firmware G5 15 5500 Firmware G7 15 7500 Firmware G7 17 7700 Firmware Precision 5680 Firmware Inspiron 14 5410 Firmware Inspiron 14 5418 Firmware Inspiron 15 3511 Firmware Inspiron 15 5510 Firmware Inspiron 15 5518 Firmware Inspiron 24 5420 All In One Firmware Inspiron 24 5421 All In One Firmware Inspiron 27 7720 All In One Firmware Inspiron 3020 Small Desktop Firmware Inspiron 3020 Desktop Firmware Inspiron 3493 Firmware Inspiron 3511 Firmware Inspiron 3593 Firmware Inspiron 3793 Firmware Inspiron 3891 Firmware Inspiron 3910 Firmware Inspiron 5410 Firmware Inspiron 5493 Firmware Inspiron 5593 Firmware Inspiron 7300 2 In 1 Firmware Inspiron 7490 Firmware Inspiron 7500 Firmware Inspiron 7500 2 In 1 Black Firmware Inspiron 7501 Firmware Inspiron 7510 Firmware Inspiron 7610 Firmware Latitude 3140 Firmware Latitude 3301 Firmware Latitude 3320 Firmware Latitude 3330 Firmware Latitude 3340 Firmware Latitude 3400 Firmware Latitude 3430 Firmware Latitude 3440 Firmware Latitude 3500 Firmware Latitude 3530 Firmware Latitude 3540 Firmware Latitude 5420 Firmware Latitude 5430 Firmware Latitude 5431 Firmware Latitude 7230 Rugged Extreme Tablet Firmware Latitude 7320 Firmware Latitude 7420 Firmware Latitude 7520 Firmware Latitude 9330 Firmware Latitude 9520 Firmware Latitude Rugged 5430 Firmware Latitude Rugged 7330 Firmware Optiplex 3000 Firmware Optiplex 3000 Thin Client Firmware Optiplex 5000 Firmware Optiplex 5090 Firmware Optiplex 5400 All In One Firmware Optiplex 5490 All In One Firmware Optiplex 7000 Firmware Optiplex 7090 Firmware Optiplex 7400 All In One Firmware Optiplex 7490 All In One Firmware Optiplex 7410 All In One Firmware Optiplex Micro Plus 7010 Firmware Optiplex Small Form Factor Plus 7010 Firmware Optiplex Tower Plus 7010 Firmware Optiplex Xe4 Firmware Precision 3260 Xe Compact Firmware Precision 3260 Compact Firmware Precision 3450 Firmware Precision 3460 Xe Small Form Factor Firmware Precision 3460 Small Form Factor Firmware Precision 3470 Firmware Precision 3650 Tower Firmware Precision 3660 Firmware Precision 5470 Firmware Precision 5570 Firmware Precision 5860 Tower Firmware Precision 7960 Tower Firmware Vostro 3020 Sff Firmware Vostro 3020 T Firmware Vostro 3510 Firmware Vostro 3690 Firmware Vostro 3710 Firmware Vostro 3890 Firmware Vostro 3910 Firmware Vostro 5410 Firmware Vostro 5491 Firmware Vostro 5510 Firmware Vostro 5591 Firmware Vostro 5890 Firmware Vostro 7500 Firmware Vostro 7510 Firmware Xps 13 9305 Firmware Xps 13 7390 Firmware Xps 13 7390 2 In 1 Firmware Xps 13 9300 Firmware Xps 13 9310 Firmware Xps 13 9310 2 In 1 Firmware Xps 13 9315 Firmware Xps 15 9520 Firmware
3.9
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.9 LOW
AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 16, 2023 - 20:15 nvd
LOW 3.9

DescriptionNVD

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.

AnalysisAI

Dell BIOS contains an improper authentication vulnerability. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator. Affected products include: Dell Alienware M15 R7 Firmware, Dell Alienware M16 Firmware, Dell Alienware M18 Firmware, Dell Chengming 3900 Firmware, Dell Chengming 3901 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.

CVE-2024-52541 HIGH
8.2 Feb 19

Dell Client Platform BIOS contains a Weak Authentication vulnerability. Rated high severity (CVSS 8.2), this vulnerabili

CVE-2025-29988 MEDIUM
6.9 Apr 09

Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. Rated medium severity (CVSS 6.9), this v

CVE-2023-32480 MEDIUM
6.8 Jun 23

Dell BIOS contains an Improper Input Validation vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is n

CVE-2024-0158 MEDIUM
6.7 Jul 02

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28060 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28058 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28050 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28044 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28036 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28034 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28031 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

CVE-2023-28027 MEDIUM
6.7 Jun 23

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is l

Share

CVE-2023-32453 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy