#VU76168 Out-of-bounds write in Dell products - CVE-2023-25537

Vulnerability identifier: #VU76168

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-25537

CWE-ID: CWE-787

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
PowerEdge R740
Hardware solutions / Firmware
PowerEdge R740XD
Hardware solutions / Firmware
PowerEdge R640
Hardware solutions / Firmware
PowerEdge R940
Hardware solutions / Firmware
PowerEdge R540
Hardware solutions / Firmware
PowerEdge R440
Hardware solutions / Firmware
PowerEdge T440
Hardware solutions / Firmware
PowerEdge XR2
Hardware solutions / Firmware
PowerEdge R740XD2
Hardware solutions / Firmware
PowerEdge R840
Hardware solutions / Firmware
PowerEdge R940XA
Hardware solutions / Firmware
PowerEdge T640
Hardware solutions / Firmware
PowerEdge C6420
Hardware solutions / Firmware
PowerEdge FC640
Hardware solutions / Firmware
PowerEdge M640
Hardware solutions / Firmware
PowerEdge M640 (for PE VRTX)
Hardware solutions / Firmware
PowerEdge MX740C
Hardware solutions / Firmware
PowerEdge MX840C
Hardware solutions / Firmware
PowerEdge C4140
Hardware solutions / Firmware
DSS 8440
Hardware solutions / Firmware
PowerEdge XE2420
Hardware solutions / Firmware
PowerEdge XE7420
Hardware solutions / Firmware
PowerEdge XE7440
Hardware solutions / Firmware
Dell EMC Storage NX3240
Hardware solutions / Firmware
Dell EMC Storage NX3340
Hardware solutions / Firmware
Dell EMC XC Core 6420 System
Hardware solutions / Firmware
Dell EMC XC Core XC640 System
Hardware solutions / Firmware
Dell EMC XC Core XC740xd System
Hardware solutions / Firmware
Dell EMC XC Core XC740xd2
Hardware solutions / Firmware
Dell EMC XC Core XC940 System
Hardware solutions / Firmware
Dell EMC XC Core XCXR2
Hardware solutions / Firmware

Vendor: Dell

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in System Management Mode. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

PowerEdge R740: before 2.18.1

PowerEdge R740XD: before 2.18.1

PowerEdge R640: before 2.18.1

PowerEdge R940: before 2.18.1

PowerEdge R540: before 2.18.1

PowerEdge R440: before 2.18.1

PowerEdge T440: before 2.18.1

PowerEdge XR2: before 2.18.1

PowerEdge R740XD2: before 2.18.1

PowerEdge R840: before 2.18.1

PowerEdge R940XA: before 2.18.1

PowerEdge T640: before 2.18.1

PowerEdge C6420: before 2.18.1

PowerEdge FC640: before 2.18.1

PowerEdge M640: before 2.18.1

PowerEdge M640 (for PE VRTX): before 2.18.1

PowerEdge MX740C: before 2.18.1

PowerEdge MX840C: before 2.18.1

PowerEdge C4140: before 2.18.1

DSS 8440: before 2.18.1

PowerEdge XE2420: before 2.18.1

PowerEdge XE7420: before 2.18.1

PowerEdge XE7440: before 2.18.1

Dell EMC Storage NX3240: before 2.18.1

Dell EMC Storage NX3340: before 2.18.1

Dell EMC XC Core 6420 System: before 2.18.1

Dell EMC XC Core XC640 System: before 2.18.1

Dell EMC XC Core XC740xd System: before 2.18.1

Dell EMC XC Core XC740xd2: before 2.18.1

Dell EMC XC Core XC940 System: before 2.18.1

Dell EMC XC Core XCXR2: before 2.18.1

---

External links
https://www.dell.com/support/kbdoc/nl-nl/000213550/dsa-2023-098-security-update-for-dell-poweredge-14g-server-bios-for-an-out-of-bounds-write-vulnerability

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.