CVE-2023-28056

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Jun 23, 2023

Updated: Jun 28, 2023

CWE ID 20

Summary

CVE-2023-28056 is a vulnerability affecting Dell BIOS software. Malicious local users with administrator privileges can exploit this improper input validation issue to modify a UEFI variable. This vulnerability poses a significant risk, as UEFI variables play a crucial role in the boot process and system configuration. Successful exploitation could result in unauthorized system modifications or even persistent rootkits. Users are strongly urged to apply the recommended patch from Dell as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rv6ArZ
https://www.cve.org/CVERecord?id=CVE-2023-28056
https://nvd.nist.gov/vuln/detail/CVE-2023-28056

Back to Vulnerability Database

CVE-2023-28056

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations