CVE-2023-28075
CVSS V2 None
CVSS V3 None
Description
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.
Overview
- CVE ID
- CVE-2023-28075
- Assigner
- dell
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-08-16T19:15:41.959Z
- Last Modified Date
- 2023-08-16T19:15:41.959Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000212817/dsa-2023-152-security-update-for-a-dell-client-bios-vulnerability | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-28075 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28075 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 10:57:28 | Added to TrackCVE |