1. Home
  2. CVE Database
  3. CVE-2023-44297
HIGH · 7.1

CVE-2023-44297

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit thi...

Vulnerability Description

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service.

CVSS Score

7.1

HIGH

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
LOW

Affected Products

VendorProductVersions
DellPoweredge R660 Firmware1.4.4
DellPoweredge R660-
DellPoweredge R760 Firmware1.4.4
DellPoweredge R760-
DellPoweredge C6620 Firmware1.4.4
DellPoweredge C6620-
DellPoweredge Mx760C Firmware1.4.4
DellPoweredge Mx760C-
DellPoweredge R860 Firmware1.4.4
DellPoweredge R860-
DellPoweredge R960 Firmware1.4.4
DellPoweredge R960-
DellPoweredge Hs5610 Firmware1.4.4
DellPoweredge Hs5610-
DellPoweredge Hs5620 Firmware1.4.4
DellPoweredge Hs5620-
DellPoweredge R660Xs Firmware1.4.4
DellPoweredge R660Xs-
DellPoweredge R760Xs Firmware1.4.4
DellPoweredge R760Xs-

Related Weaknesses (CWE)

CWE-667CWE-1234

References

FAQ

What is CVE-2023-44297?

CVE-2023-44297 is a vulnerability with a CVSS score of 7.1 (HIGH). Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit thi...

How severe is CVE-2023-44297?

CVE-2023-44297 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-44297?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Poweredge R660 Firmware, Dell Poweredge R660, Dell Poweredge R760 Firmware, Dell Poweredge R760, Dell Poweredge C6620 Firmware.