{
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1",
    "cveMetadata": {
        "cveId": "CVE-2023-39251",
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "state": "PUBLISHED",
        "assignerShortName": "dell",
        "dateReserved": "2023-07-26T08:15:44.773Z",
        "datePublished": "2023-12-22T17:55:18.705Z",
        "dateUpdated": "2024-08-02T18:02:06.678Z"
    },
    "containers": {
        "cna": {
            "affected": [
                {
                    "defaultStatus": "unaffected",
                    "platforms": [
                        "Inspiron 7510",
                        "Inspiron 7610",
                        "Latitude 5430 Rugged Laptop",
                        "Latitude 5521",
                        "Latitude 7330 Rugged Laptop",
                        "Precision 3561",
                        "Precision 5560",
                        "Precision 5760",
                        "Precision 7560",
                        "Precision 7760",
                        "Vostro 7510",
                        "XPS 15 9510",
                        "XPS 17 9710"
                    ],
                    "product": "CPG BIOS",
                    "vendor": "Dell",
                    "versions": [
                        {
                            "status": "affected",
                            "version": "Versions prior to 1.20.0"
                        },
                        {
                            "status": "affected",
                            "version": "Versions prior to 1.23.0"
                        },
                        {
                            "status": "affected",
                            "version": "Versions prior to 1.27.0"
                        },
                        {
                            "status": "affected",
                            "version": "Versions prior to 1.25.0"
                        },
                        {
                            "status": "affected",
                            "version": "Versions prior to 1.24.0"
                        }
                    ]
                }
            ],
            "credits": [
                {
                    "lang": "en",
                    "type": "finder",
                    "user": "00000000-0000-4000-9000-000000000000",
                    "value": "Dell Technologies would like to thank Eason for reporting this issue."
                }
            ],
            "datePublic": "2023-12-19T06:30:00.000Z",
            "descriptions": [
                {
                    "lang": "en",
                    "supportingMedia": [
                        {
                            "base64": false,
                            "type": "text/html",
                            "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.</span>\n\n"
                        }
                    ],
                    "value": "\nDell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.\n\n"
                }
            ],
            "metrics": [
                {
                    "cvssV3_1": {
                        "attackComplexity": "LOW",
                        "attackVector": "LOCAL",
                        "availabilityImpact": "LOW",
                        "baseScore": 6.7,
                        "baseSeverity": "MEDIUM",
                        "confidentialityImpact": "NONE",
                        "integrityImpact": "HIGH",
                        "privilegesRequired": "HIGH",
                        "scope": "CHANGED",
                        "userInteraction": "NONE",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:L",
                        "version": "3.1"
                    },
                    "format": "CVSS",
                    "scenarios": [
                        {
                            "lang": "en",
                            "value": "GENERAL"
                        }
                    ]
                }
            ],
            "problemTypes": [
                {
                    "descriptions": [
                        {
                            "cweId": "CWE-20",
                            "description": "CWE-20: Improper Input Validation",
                            "lang": "en",
                            "type": "CWE"
                        }
                    ]
                }
            ],
            "providerMetadata": {
                "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
                "shortName": "dell",
                "dateUpdated": "2023-12-22T17:55:18.705Z"
            },
            "references": [
                {
                    "tags": [
                        "vendor-advisory"
                    ],
                    "url": "https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342"
                }
            ],
            "source": {
                "discovery": "UNKNOWN"
            },
            "x_generator": {
                "engine": "Vulnogram 0.1.0-dev"
            }
        },
        "adp": [
            {
                "providerMetadata": {
                    "orgId": "af854a3a-2127-422b-91ae-364da2661108",
                    "shortName": "CVE",
                    "dateUpdated": "2024-08-02T18:02:06.678Z"
                },
                "title": "CVE Program Container",
                "references": [
                    {
                        "tags": [
                            "vendor-advisory",
                            "x_transferred"
                        ],
                        "url": "https://www.dell.com/support/kbdoc/en-us/000217707/dsa-2023-342"
                    }
                ]
            }
        ]
    }
}