CVE-2023-28028

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Jun 23, 2023

Updated: Jun 28, 2023

CWE ID 20

Summary

CVE-2023-28028 is a vulnerability affecting Dell BIOS that involves improper input validation. This issue allows a local, authenticated user with administrator privileges to manipulate UEFI variables, potentially resulting in security risks. The vulnerability could be exploited to introduce unauthorized changes to the system configuration, potentially leading to unintended or malicious outcomes. Users are strongly encouraged to apply the necessary patches to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rtpGxG
https://www.cve.org/CVERecord?id=CVE-2023-28028
https://nvd.nist.gov/vuln/detail/CVE-2023-28028

Back to Vulnerability Database

CVE-2023-28028

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations