Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-31800 Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 08 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Dell cpg Bios
CPEs cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*
Vendors & Products Dell cpg Bios
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2024-10-08T19:02:39.400Z

Reserved: 2023-03-10T05:07:55.141Z

Link: CVE-2023-28075

cve-icon Vulnrichment

Updated: 2024-08-02T12:30:23.618Z

cve-icon NVD

Status : Modified

Published: 2023-08-16T20:15:09.427

Modified: 2024-11-21T07:54:20.853

Link: CVE-2023-28075

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.