Severity
Medium
Analysis Summary
CVE-2023-44297, CVE-2023-44298
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS could allow a physically proximate attacker to execute arbitrary code on the system, caused by an active debug code security vulnerability. An attacker could exploit this vulnerability to execute arbitrary code on the system, tamper with information, or cause a denial of service.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-44297
- CVE-2023-44298
Affected Vendors
Dell
Affected Products
- Dell PowerEdge R660 1.4.4
- Dell PowerEdge R760 1.4.4
- Dell PowerEdge R860 1.4.4
- Dell PowerEdge R960 1.4.4
- Dell PowerEdge T560 1.4.4
- Dell PowerEdge C6620 1.4.4
- Dell PowerEdge MX760c 1.4.4
- Dell PowerEdge HS5610 1.4.4
- Dell PowerEdge HS5620 1.4.4
- Dell PowerEdge R660xs 1.4.4
- Dell PowerEdge R760xs 1.4.4
- Dell PowerEdge R760xd2 1.4.4
- Dell PowerEdge R760xa 1.4.4
Remediation
Refer to Dell Security Advisory for patch, upgrade or suggested workaround information.