CVE-2020-26186

Summary

Dell Inspiron 5675 BIOS versions prior to 1.4.1 contain a UEFI BIOS RuntimeServices overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the RuntimeServices structure to execute arbitrary code in System Management Mode (SMM).

Affected Software

VendorProductVersion RangeStatus
DellCPG BIOSunspecified < 1.4.1affected

Weaknesses

  • CWE-642: CWE-642: External Control of Critical State Data

ADP Enrichment

CVE Program Container

Additional References

References