CVE-2020-5326

Summary

Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager.

Affected Software

VendorProductVersion RangeStatus
DellDell Client Consumer and Commercial Platformshttps://www.dell.com/support/article/SLN320337affected

Weaknesses

  • CWE-306: CWE-306: Missing Authentication for Critical Function

ADP Enrichment

CVE Program Container

Additional References

References