Dell Bios Update 2.18.1 (MINDBREEZE27623)

ID: MINDBREEZE27623 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: 7.5 High 
Status: Final 
First published: November 23, 2023 
CVEs: CVE-2021-38578, CVE-2023-25537 

Summary

• Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize
• Out of Bounds write vulnerability in Dell PowerEdge BIOS

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 23.4 Release 
• Mindbreeze InSpire SaaS 23.4 Release