CVE & CISA-KEV Catalog

CVE-2023-32453

MEDIUM
4.6
CVSS v3
NVD

Description

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.

How to fix

Remediation Available
alienware m15 r7 firmwareNVD
Affected:< 1.18.0Fixed in:1.18.0CVE-2023-32453derived from NVD
alienware m16 firmwareNVD
Affected:< 1.10.1Fixed in:1.10.1CVE-2023-32453derived from NVD
alienware m18 firmwareNVD
Affected:< 1.10.1Fixed in:1.10.1CVE-2023-32453derived from NVD
chengming 3900 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
chengming 3901 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
chengming 3910 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
chengming 3911 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
g15 5520 firmwareNVD
Affected:< 1.18.0Fixed in:1.18.0CVE-2023-32453derived from NVD
g16 7620 firmwareNVD
Affected:< 1.18.0Fixed in:1.18.0CVE-2023-32453derived from NVD
g3 3500 firmwareNVD
Affected:< 1.26.0Fixed in:1.26.0CVE-2023-32453derived from NVD
g5 15 5500 firmwareNVD
Affected:< 1.26.0Fixed in:1.26.0CVE-2023-32453derived from NVD
g7 15 7500 firmwareNVD
Affected:< 1.26.0Fixed in:1.26.0CVE-2023-32453derived from NVD
g7 17 7700 firmwareNVD
Affected:< 1.26.0Fixed in:1.26.0CVE-2023-32453derived from NVD
inspiron 14 5410 firmwareNVD
Affected:< 2.20.0Fixed in:2.20.0CVE-2023-32453derived from NVD
inspiron 14 5418 firmwareNVD
Affected:< 2.20.0Fixed in:2.20.0CVE-2023-32453derived from NVD
inspiron 15 3511 firmwareNVD
Affected:< 1.23.0Fixed in:1.23.0CVE-2023-32453derived from NVD
inspiron 15 5510 firmwareNVD
Affected:< 2.20.0Fixed in:2.20.0CVE-2023-32453derived from NVD
inspiron 15 5518 firmwareNVD
Affected:< 2.20.0Fixed in:2.20.0CVE-2023-32453derived from NVD
inspiron 24 5420 all-in-one firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2023-32453derived from NVD
inspiron 24 5421 all-in-one firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2023-32453derived from NVD
inspiron 27 7720 all-in-one firmwareNVD
Affected:< 1.4.0Fixed in:1.4.0CVE-2023-32453derived from NVD
inspiron 3020 desktop firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
inspiron 3493 firmwareNVD
Affected:< 1.27.0Fixed in:1.27.0CVE-2023-32453derived from NVD
inspiron 3511 firmwareNVD
Affected:< 1.23.0Fixed in:1.23.0CVE-2023-32453derived from NVD
inspiron 3593 firmwareNVD
Affected:< 1.27.0Fixed in:1.27.0CVE-2023-32453derived from NVD
inspiron 3793 firmwareNVD
Affected:< 1.27.0Fixed in:1.27.0CVE-2023-32453derived from NVD
inspiron 3891 firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
inspiron 3910 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
inspiron 5410 firmwareNVD
Affected:< 2.20.0Fixed in:2.20.0CVE-2023-32453derived from NVD
inspiron 5493 firmwareNVD
Affected:< 1.27.0Fixed in:1.27.0CVE-2023-32453derived from NVD
inspiron 5593 firmwareNVD
Affected:< 1.27.0Fixed in:1.27.0CVE-2023-32453derived from NVD
inspiron 7300 2-in-1 firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
inspiron 7490 firmwareNVD
Affected:< 1.22.0Fixed in:1.22.0CVE-2023-32453derived from NVD
inspiron 7500 2-in-1 black firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
inspiron 7500 firmwareNVD
Affected:< 1.24.0Fixed in:1.24.0CVE-2023-32453derived from NVD
inspiron 7501 firmwareNVD
Affected:< 1.24.0Fixed in:1.24.0CVE-2023-32453derived from NVD
inspiron 7510 firmwareNVD
Affected:< 1.17.0Fixed in:1.17.0CVE-2023-32453derived from NVD
inspiron 7610 firmwareNVD
Affected:< 1.17.0Fixed in:1.17.0CVE-2023-32453derived from NVD
latitude 3140 firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2023-32453derived from NVD
latitude 3301 firmwareNVD
Affected:< 1.27.0Fixed in:1.27.0CVE-2023-32453derived from NVD
latitude 3320 firmwareNVD
Affected:< 1.23.0Fixed in:1.23.0CVE-2023-32453derived from NVD
latitude 3330 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
latitude 3340 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
latitude 3400 firmwareNVD
Affected:< 1.29.0Fixed in:1.29.0CVE-2023-32453derived from NVD
latitude 3430 firmwareNVD
Affected:< 1.12.0Fixed in:1.12.0CVE-2023-32453derived from NVD
latitude 3440 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
latitude 3500 firmwareNVD
Affected:< 1.29.0Fixed in:1.29.0CVE-2023-32453derived from NVD
latitude 3530 firmwareNVD
Affected:< 1.12.0Fixed in:1.12.0CVE-2023-32453derived from NVD
latitude 3540 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
latitude 5420 firmwareNVD
Affected:< 1.30.0Fixed in:1.30.0CVE-2023-32453derived from NVD
latitude 5430 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
latitude 5431 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
latitude 7230 rugged extreme tablet firmwareNVD
Affected:< 1.8.0Fixed in:1.8.0CVE-2023-32453derived from NVD
latitude 7320 firmwareNVD
Affected:< 1.28.0Fixed in:1.28.0CVE-2023-32453derived from NVD
latitude 7420 firmwareNVD
Affected:< 1.28.0Fixed in:1.28.0CVE-2023-32453derived from NVD
latitude 7520 firmwareNVD
Affected:< 1.28.0Fixed in:1.28.0CVE-2023-32453derived from NVD
latitude 9330 firmwareNVD
Affected:< 1.13.0Fixed in:1.13.0CVE-2023-32453derived from NVD
latitude 9520 firmwareNVD
Affected:< 1.24.0Fixed in:1.24.0CVE-2023-32453derived from NVD
latitude rugged 5430 firmwareNVD
Affected:< 1.20.0Fixed in:1.20.0CVE-2023-32453derived from NVD
latitude rugged 7330 firmwareNVD
Affected:< 1.20.0Fixed in:1.20.0CVE-2023-32453derived from NVD
optiplex 3000 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
optiplex 3000 thin client firmwareNVD
Affected:< 1.11.0Fixed in:1.11.0CVE-2023-32453derived from NVD
optiplex 5000 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
optiplex 5090 firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
optiplex 5400 all-in-one firmwareNVD
Affected:< 1.1.30Fixed in:1.1.30CVE-2023-32453derived from NVD
optiplex 5490 all-in-one firmwareNVD
Affected:< 1.23.0Fixed in:1.23.0CVE-2023-32453derived from NVD
optiplex 7000 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
optiplex 7090 firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
optiplex 7400 all-in-one firmwareNVD
Affected:< 1.1.30Fixed in:1.1.30CVE-2023-32453derived from NVD
optiplex 7410 all-in-one firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
optiplex 7490 all-in-one firmwareNVD
Affected:< 1.23.0Fixed in:1.23.0CVE-2023-32453derived from NVD
optiplex micro plus 7010 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
optiplex small form factor plus 7010 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
optiplex tower plus 7010 firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
optiplex xe4 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
precision 3260 compact firmwareNVD
Affected:< 2.7.0Fixed in:2.7.0CVE-2023-32453derived from NVD
precision 3260 xe compact firmwareNVD
Affected:< 2.7.0Fixed in:2.7.0CVE-2023-32453derived from NVD
precision 3450 firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
precision 3460 small form factor firmwareNVD
Affected:< 2.7.0Fixed in:2.7.0CVE-2023-32453derived from NVD
precision 3460 xe small form factor firmwareNVD
Affected:< 2.7.0Fixed in:2.7.0CVE-2023-32453derived from NVD
precision 3470 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
precision 3650 tower firmwareNVD
Affected:< 1.24.0Fixed in:1.24.0CVE-2023-32453derived from NVD
precision 3660 firmwareNVD
Affected:< 2.7.0Fixed in:2.7.0CVE-2023-32453derived from NVD
precision 5470 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
precision 5570 firmwareNVD
Affected:< 1.16.0Fixed in:1.16.0CVE-2023-32453derived from NVD
precision 5680 firmwareNVD
Affected:< 1.4.1Fixed in:1.4.1CVE-2023-32453derived from NVD
precision 5860 tower firmwareNVD
Affected:< 1.0.10Fixed in:1.0.10CVE-2023-32453derived from NVD
precision 7960 tower firmwareNVD
Affected:< 1.0.9Fixed in:1.0.9CVE-2023-32453derived from NVD
vostro 3020 sff firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
vostro 3020 t firmwareNVD
Affected:< 1.6.0Fixed in:1.6.0CVE-2023-32453derived from NVD
vostro 3510 firmwareNVD
Affected:< 1.23.0Fixed in:1.23.0CVE-2023-32453derived from NVD
vostro 3690 firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
vostro 3710 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
vostro 3890 firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
vostro 3910 firmwareNVD
Affected:< 1.15.0Fixed in:1.15.0CVE-2023-32453derived from NVD
vostro 5410 firmwareNVD
Affected:< 2.20.0Fixed in:2.20.0CVE-2023-32453derived from NVD
vostro 5491 firmwareNVD
Affected:< 1.27.0Fixed in:1.27.0CVE-2023-32453derived from NVD
vostro 5510 firmwareNVD
Affected:< 2.20.0Fixed in:2.20.0CVE-2023-32453derived from NVD
vostro 5591 firmwareNVD
Affected:< 1.27.0Fixed in:1.27.0CVE-2023-32453derived from NVD
vostro 5890 firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
vostro 7500 firmwareNVD
Affected:< 1.24.0Fixed in:1.24.0CVE-2023-32453derived from NVD
vostro 7510 firmwareNVD
Affected:< 1.17.0Fixed in:1.17.0CVE-2023-32453derived from NVD
xps 13 7390 2-in-1 firmwareNVD
Affected:< 1.26.0Fixed in:1.26.0CVE-2023-32453derived from NVD
xps 13 7390 firmwareNVD
Affected:< 1.21.0Fixed in:1.21.0CVE-2023-32453derived from NVD
xps 13 9300 firmwareNVD
Affected:< 1.19.0Fixed in:1.19.0CVE-2023-32453derived from NVD
xps 13 9305 firmwareNVD
Affected:< 1.16.0Fixed in:1.16.0CVE-2023-32453derived from NVD
xps 13 9310 2-in-1 firmwareNVD
Affected:< 2.19.0Fixed in:2.19.0CVE-2023-32453derived from NVD
xps 13 9310 firmwareNVD
Affected:< 3.17.0Fixed in:3.17.0CVE-2023-32453derived from NVD
xps 13 9315 firmwareNVD
Affected:< 1.13.0Fixed in:1.13.0CVE-2023-32453derived from NVD
xps 15 9520 firmwareNVD
Affected:< 1.16.0Fixed in:1.16.0CVE-2023-32453derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityHigh
AvailabilityLow

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Exploit Intelligence

0.21%probability of exploitation in 30 days
11thpercentile

Low risk: more likely to be exploited than 11% of all known CVEs.

References

Vendor Advisory1

Related Vulnerabilities

Other CWE-287 (Improper Authentication) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-35082Critical9.8100%KEV + RansomFix
CVE-2023-35078Critical9.8100%KEV + RansomFix
CVE-2017-7921Critical9.8100%KEV-
CVE-2024-7593Critical9.8100%KEV-
CVE-2023-46805High8.2100%KEV + Ransom-
CVE-2022-40684Critical9.8100%KEV + RansomFix
Embed a live status badge for CVE-2023-32453
CVE-2023-32453 severity badge

Markdown

[![CVE-2023-32453](https://tridentstack.com/cve/badge/CVE-2023-32453.svg)](https://tridentstack.com/cve/CVE-2023-32453)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-32453"><img src="https://tridentstack.com/cve/badge/CVE-2023-32453.svg" alt="CVE-2023-32453"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.