Article Number: 000217707

DSA-2023-342: Security Update for a Dell Client BIOS Vulnerability

Summary: Dell Client BIOS remediation is available for an improper input validation vulnerability that could be exploited by malicious users to compromise the affected systems.

Article Content

Impact

Medium

Details

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2023-39251	Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.	6.7	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:L

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2023-39251	Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.	6.7	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:L

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product	Software/Firmware	Affected Versions	Remediated Versions	BIOS Release Date	Link
Alienware m15 R6	BIOS	Versions prior to 1.27.0	1.27.0 or later	01/08/2024	Go to the Drivers & Downloads site for updates
Dell G15 5511	BIOS	Versions prior to 1.26.0	1.26.0 or later	01/08/2024	Go to the Drivers & Downloads site for updates
Inspiron 7510	BIOS	Versions prior to 1.20.0	1.20.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Inspiron 7610	BIOS	Versions prior to 1.20.0	1.20.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Latitude 5430 Rugged Laptop	BIOS	Versions prior to 1.23.0	1.23.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Latitude 5521	BIOS	Versions prior to 1.27.0	1.27.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Latitude 7330 Rugged Laptop	BIOS	Versions prior to 1.23.0	1.23.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Latitude 5421	BIOS	Versions prior to 1.26.0	1.26.0 or later	12/19/2023	Go to the Drivers & Downloads site for updates
Precision 3561	BIOS	Versions prior to 1.27.0	1.27.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Precision 5560	BIOS	Versions prior to 1.25.0	1.25.0 or later	12/15/2023	Go to the Drivers & Downloads site for updates
Precision 5760	BIOS	Versions prior to 1.24.0	1.24.0 or later	12/12/2023	Go to the Drivers & Downloads site for updates
Precision 7560	BIOS	Versions prior to 1.27.0	1.27.0 or later	12/14/2023	Go to the Drivers & Downloads site for updates
Precision 7760	BIOS	Versions prior to 1.27.0	1.27.0 or later	12/14/2023	Go to the Drivers & Downloads site for updates
Vostro 7510	BIOS	Versions prior to 1.20.0	1.20.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
XPS 15 9510	BIOS	Versions prior to 1.25.0	1.25.0 or later	12/15/2023	Go to the Drivers & Downloads site for updates
XPS 17 9710	BIOS	Versions prior to 1.24.0	1.24.0 or later	12/12/2023	Go to the Drivers & Downloads site for updates

Product	Software/Firmware	Affected Versions	Remediated Versions	BIOS Release Date	Link
Alienware m15 R6	BIOS	Versions prior to 1.27.0	1.27.0 or later	01/08/2024	Go to the Drivers & Downloads site for updates
Dell G15 5511	BIOS	Versions prior to 1.26.0	1.26.0 or later	01/08/2024	Go to the Drivers & Downloads site for updates
Inspiron 7510	BIOS	Versions prior to 1.20.0	1.20.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Inspiron 7610	BIOS	Versions prior to 1.20.0	1.20.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Latitude 5430 Rugged Laptop	BIOS	Versions prior to 1.23.0	1.23.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Latitude 5521	BIOS	Versions prior to 1.27.0	1.27.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Latitude 7330 Rugged Laptop	BIOS	Versions prior to 1.23.0	1.23.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Latitude 5421	BIOS	Versions prior to 1.26.0	1.26.0 or later	12/19/2023	Go to the Drivers & Downloads site for updates
Precision 3561	BIOS	Versions prior to 1.27.0	1.27.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
Precision 5560	BIOS	Versions prior to 1.25.0	1.25.0 or later	12/15/2023	Go to the Drivers & Downloads site for updates
Precision 5760	BIOS	Versions prior to 1.24.0	1.24.0 or later	12/12/2023	Go to the Drivers & Downloads site for updates
Precision 7560	BIOS	Versions prior to 1.27.0	1.27.0 or later	12/14/2023	Go to the Drivers & Downloads site for updates
Precision 7760	BIOS	Versions prior to 1.27.0	1.27.0 or later	12/14/2023	Go to the Drivers & Downloads site for updates
Vostro 7510	BIOS	Versions prior to 1.20.0	1.20.0 or later	12/13/2023	Go to the Drivers & Downloads site for updates
XPS 15 9510	BIOS	Versions prior to 1.25.0	1.25.0 or later	12/15/2023	Go to the Drivers & Downloads site for updates
XPS 17 9710	BIOS	Versions prior to 1.24.0	1.24.0 or later	12/12/2023	Go to the Drivers & Downloads site for updates

Acknowledgements

Dell Technologies would like to thank Eason for reporting this issue.

Revision History

Revision	Date	Description
1.0	2023-12-19	Initial Release
2.0	2024-01-12	Final Platform List Update

Related Information

Legal Information

Article Properties

Affected Product

Alienware m15 R6, Dell G15 5511, Latitude 7330 Rugged Extreme, Latitude 5430 Rugged, Latitude 5521, Precision 3561, Precision 5560, Precision 7560, Precision 5760, Precision 7760, XPS 15 9510, XPS 17 9710

Product

Alienware m15 R7, Alienware m16, Alienware m18, Dell G5 15 5500, Dell G15 5520, Dell G7 15 7500, Dell G16 7620, Dell G7 17 7700, Inspiron 7300 2-in-1, Inspiron 3493, Inspiron 5493, Inspiron 7490, Inspiron 15 3511, Inspiron 3593, Inspiron 15 5510/5518 , Inspiron 5593, Inspiron 7500 2-in-1 Black, Inspiron 7500, Inspiron 7501, Inspiron 3793, Inspiron 24 5420 All-in-One, Inspiron 24 5421 All-in-One, Inspiron 27 7720 All-in-One, Inspiron 3020 Desktop, Inspiron 3020 Small Desktop, Inspiron 3891, Inspiron 3910, Latitude 3140, Latitude 7230 Rugged Extreme Tablet, Latitude 3301, Latitude 3320, Latitude 3330, Latitude 3340, Latitude 7320, Latitude 7330 Rugged Extreme, Latitude 9330, Latitude 3400, Latitude 3430, Latitude 3440, Latitude 5421, Latitude 5431, Latitude 7420, Latitude 3500, Latitude 3530, Latitude 3540, Latitude 7520, Latitude 9520, Latitude 5420, Latitude 5430, OptiPlex 3000 Tower, OptiPlex 3000 Micro, OptiPlex 3000 Small Form Factor, OptiPlex 3000 Thin Client, Optiplex 5000 Tower, OptiPlex 5000 Micro, OptiPlex 5000 Small Form Factor, OptiPlex 5090 Tower, OptiPlex 5090 Micro, OptiPlex 5090 Small Form Factor, OptiPlex 5400 All-In-One, OptiPlex 7000 Tower, OptiPlex 7000 Micro, OptiPlex 7000 Small Form Factor, OptiPlex Micro Plus 7010, OptiPlex Small Form Factor Plus 7010, OptiPlex 7090 Micro, OptiPlex 7090 Small Form Factor, OptiPlex 7090 Ultra, OptiPlex 7400 All-In-One, OptiPlex All-In-One 7410, OptiPlex 7490 All-In-One, OptiPlex XE4, Precision 3260 XE Compact, Precision 3450 XE Small Form Factor, Precision 3460 XE Small Form Factor, OptiPlex 7000 XE Micro, OptiPlex XE4 OEM-Ready, Precision 3470, Precision 5470, Precision 5570, Precision 5680, Precision 3260 Compact, Precision 3450 Small Form Factor, Precision 3460 Small Form Factor, Precision 3650 Tower, Precision 3660 Tower, Precision 5860 Tower, Precision 7960 Tower, Vostro 7500, Vostro 3020 Tower Desktop, Vostro 3020 Small Desktop, Vostro 3690, Vostro 3710, Vostro 3890, Vostro 3910, Vostro 5890, XPS 13 7390 2-in-1, XPS 13 7390, XPS 13 9300, XPS 13 9305, XPS 13 9310 2-in-1, XPS 13 9310, XPS 13 9315 ...

DSA-2023-342: Security Update for a Dell Client BIOS Vulnerability

Summary: Dell Client BIOS remediation is available for an improper input validation vulnerability that could be exploited by malicious users to compromise the affected systems.

Article Content

Impact

Details

Affected Products and Remediation

Acknowledgements

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Product

Last Published Date

Version

Article Type

Welcome

Welcome to Dell

DSA-2023-342: Security Update for a Dell Client BIOS Vulnerability

Summary: Dell Client BIOS remediation is available for an improper input validation vulnerability that could be exploited by malicious users to compromise the affected systems.

Article Content

Impact

Details

Affected Products and Remediation

Acknowledgements

Revision History

Related Information

Legal Information

Article Properties

Affected Product

Product

Last Published Date

Version

Article Type