CVE-2023-28035

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Jun 23, 2023
Updated: Jun 28, 2023
CWE ID 20

Summary

CVE-2023-28035 is a vulnerability affecting Dell BIOS that allows local, authenticated users with administrator privileges to bypass input validation. By exploiting this issue, an attacker can modify a UEFI variable, potentially leading to serious system compromise. Though the exact implications of this vulnerability are not yet fully understood, it poses a significant risk to security and should be addressed promptly. Dell has released a patch to mitigate this issue; system administrators are urged to apply it as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share