Severity score: 7.1
CWE: CWE-1234, CWE-667

CVE-2023-44297

First published: Tue Dec 05 2023

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain an active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, and denial of service.

Credit: security_alert@emc.com

Affected Software | Affected Version | How to fix

  • All of:
      Dell PowerEdge r660 firmware | =1.4.4
      Dell PowerEdge r660 firmware
  • All of:
      Dell PowerEdge r760 firmware | =1.4.4
      Dell PowerEdge r760
  • All of:
      Dell PowerEdge c6620 firmware | =1.4.4
      Dell PowerEdge c6620 firmware
  • All of:
      Dell PowerEdge mx760c firmware | =1.4.4
      Dell PowerEdge mx760c firmware
  • All of:
      Dell PowerEdge r860 firmware | =1.4.4
      Dell PowerEdge r860 firmware
  • All of:
      Dell PowerEdge r960 firmware | =1.4.4
      Dell PowerEdge R960
  • All of:
      Dell PowerEdge hs5610 | =1.4.4
      Dell PowerEdge hs5610
  • All of:
      Dell PowerEdge hs5620 firmware | =1.4.4
      Dell PowerEdge hs5620 firmware
  • All of:
      Dell PowerEdge r660xs firmware | =1.4.4
      Dell PowerEdge r660xs
  • All of:
      Dell PowerEdge R760xs firmware | =1.4.4
      Dell PowerEdge R760xs firmware
  • All of:
      Dell PowerEdge r760xd2 | =1.4.4
      Dell PowerEdge r760xd2 firmware
  • All of:
      Dell PowerEdge t560 firmware | =1.4.4
      Dell PowerEdge t560 firmware
  • All of:
      Dell PowerEdge r760xa firmware | =1.4.4
      Dell PowerEdge r760xa firmware

Frequently Asked Questions

  • What is the severity of CVE-2023-44297?

    CVE-2023-44297 has a high severity rating due to its potential for code execution and information disclosure by unauthenticated physical attackers.

  • How do I fix CVE-2023-44297?

    To fix CVE-2023-44297, update the BIOS of affected Dell PowerEdge platforms to the latest version available from Dell.

  • Which systems are affected by CVE-2023-44297?

    CVE-2023-44297 affects Dell PowerEdge platforms running BIOS version 1.4.4.

  • What type of vulnerability is CVE-2023-44297?

    CVE-2023-44297 is a security vulnerability that exists due to active debug code in the BIOS of certain Dell systems.

  • Can CVE-2023-44297 be exploited remotely?

    No, CVE-2023-44297 requires physical access to the vulnerable systems for exploitation.
