CVE-2023-28033

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Jun 23, 2023
Updated: Jun 28, 2023
CWE ID 20

Summary

CVE-2023-28033 is a vulnerability affecting Dell BIOS that allows a local authenticated user with administrator privileges to bypass input validation. This can potentially enable the user to modify a UEFI variable, posing a security risk to the system. This issue can lead to unauthorized changes or malicious code execution at the firmware level. Users are strongly encouraged to apply the recommended patches from Dell to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share