CVE-2024-22453

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-22453
Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory.

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.8

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://www.dell.com/support/kbdoc/en-us/000223209/dsa-2024-105-security-update-for-dell-poweredge-server-bios-for-a-heap-based-buffer-overflow-vulnerability Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000223209/dsa-2024-105-security-update-for-dell-poweredge-server-bios-for-a-heap-based-buffer-overflow-vulnerability Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:poweredge_r730_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r730:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:poweredge_r730xd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r730xd:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dell:poweredge_r630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r630:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dell:poweredge_c4130_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_c4130:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dell:poweredge_r930_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r930:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dell:poweredge_m630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_m630:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:dell:poweredge_m630_\(pe_vrtx\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_m630_\(pe_vrtx\):-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:dell:poweredge_fc630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_fc630:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:dell:poweredge_fc430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_fc430:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:dell:poweredge_m830_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_m830:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:dell:poweredge_m830_\(pe_vrtx\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_m830_\(pe_vrtx\):-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:dell:poweredge_fc830_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_fc830:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:dell:poweredge_t630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_t630:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:dell:poweredge_r530_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r530:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:dell:poweredge_r430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r430:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:dell:poweredge_t430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_t430:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:dell:poweredge_r830_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r830:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:dell:poweredge_c6320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_c6320:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:dell:nx3230_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:nx3230:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:dell:nx3330_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:nx3330:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:dell:xc6320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc6320:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:dell:xc430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc430:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:dell:xc630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc630:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:dell:xc730_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc730:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:dell:xc730xd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc730xd:-:*:*:*:*:*:*:*
History

04 Feb 2025, 17:31

Type Values Removed Values Added
CPE cpe:2.3:o:dell:xc630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc730:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_c4130_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_m830_\(pe_vrtx\):-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r430:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_m630_\(pe_vrtx\):-:*:*:*:*:*:*:*
cpe:2.3:o:dell:xc430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_t430:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:nx3330_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_c4130:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_t430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc630:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_t630:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:xc6320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_c6320:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:nx3230_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc730xd:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:nx3330:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r730xd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_m630:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r630:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_fc830:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_m630_\(pe_vrtx\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_m830_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_fc630:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc430:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_m630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r730_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_fc430:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r530_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r830_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r730xd:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r930_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r930:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r730:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_c6320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_fc430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r830:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:nx3230:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc6320:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_fc630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_t630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:xc730_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_fc830_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:xc730xd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r630_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r530:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r430_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_m830:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_m830_\(pe_vrtx\)_firmware:*:*:*:*:*:*:*:*
CWE CWE-787
References () https://www.dell.com/support/kbdoc/en-us/000223209/dsa-2024-105-security-update-for-dell-poweredge-server-bios-for-a-heap-based-buffer-overflow-vulnerability - () https://www.dell.com/support/kbdoc/en-us/000223209/dsa-2024-105-security-update-for-dell-poweredge-server-bios-for-a-heap-based-buffer-overflow-vulnerability - Vendor Advisory
First Time Dell poweredge R730xd Firmware
Dell poweredge M830 \(pe Vrtx\)
Dell poweredge Fc830 Firmware
Dell
Dell poweredge T430 Firmware
Dell poweredge M830 Firmware
Dell poweredge Fc630
Dell xc6320
Dell poweredge Fc430
Dell poweredge T630
Dell nx3230
Dell poweredge Fc830
Dell poweredge R930
Dell poweredge R730 Firmware
Dell xc730xd Firmware
Dell poweredge Fc430 Firmware
Dell poweredge M630 Firmware
Dell xc730
Dell poweredge R530
Dell xc430
Dell poweredge R430
Dell poweredge M630 \(pe Vrtx\)
Dell xc6320 Firmware
Dell poweredge C4130
Dell poweredge Fc630 Firmware
Dell poweredge R430 Firmware
Dell xc630 Firmware
Dell xc430 Firmware
Dell poweredge M830
Dell poweredge C6320
Dell poweredge R630
Dell xc630
Dell poweredge C4130 Firmware
Dell poweredge R730xd
Dell poweredge T430
Dell poweredge C6320 Firmware
Dell poweredge M630 \(pe Vrtx\) Firmware
Dell poweredge T630 Firmware
Dell poweredge R930 Firmware
Dell nx3330 Firmware
Dell nx3330
Dell nx3230 Firmware
Dell poweredge R630 Firmware
Dell poweredge R730
Dell xc730xd
Dell poweredge R830 Firmware
Dell poweredge R830
Dell poweredge M630
Dell poweredge M830 \(pe Vrtx\) Firmware
Dell poweredge R530 Firmware
Dell xc730 Firmware
Information

Published : 2024-03-19 08:15

Updated : 2025-02-04 17:31

NVD link : CVE-2024-22453

Mitre link : CVE-2024-22453

CVE.ORG link : CVE-2024-22453

JSON object : View

Products Affected

dell

  • poweredge_r930_firmware
  • poweredge_m830_\(pe_vrtx\)
  • poweredge_m830
  • xc6320
  • poweredge_r730
  • poweredge_r730_firmware
  • xc630
  • poweredge_r530_firmware
  • poweredge_r830_firmware
  • poweredge_r630_firmware
  • poweredge_fc630
  • poweredge_t630
  • poweredge_m630_\(pe_vrtx\)
  • nx3330_firmware
  • nx3230_firmware
  • poweredge_c6320
  • poweredge_r430
  • poweredge_r930
  • xc430_firmware
  • poweredge_fc430_firmware
  • nx3230
  • poweredge_fc430
  • poweredge_m830_\(pe_vrtx\)_firmware
  • poweredge_fc830
  • poweredge_m630_\(pe_vrtx\)_firmware
  • xc6320_firmware
  • poweredge_r630
  • poweredge_m630
  • poweredge_r730xd
  • poweredge_r830
  • poweredge_c4130
  • xc430
  • xc730
  • xc630_firmware
  • poweredge_m630_firmware
  • poweredge_fc830_firmware
  • nx3330
  • xc730xd_firmware
  • poweredge_c4130_firmware
  • poweredge_c6320_firmware
  • poweredge_t630_firmware
  • poweredge_t430_firmware
  • poweredge_t430
  • xc730xd
  • xc730_firmware
  • poweredge_m830_firmware
  • poweredge_fc630_firmware
  • poweredge_r730xd_firmware
  • poweredge_r530
  • poweredge_r430_firmware
CWE
CWE-122

Heap-based Buffer Overflow

CWE-787

Out-of-bounds Write