CVE-2020-5362
7.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:H
Summary
Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Dell Client Consumer and Commercial platforms | https://www.dell.com/support/article/SLN321726 | affected |
Weaknesses
- CWE-285: CWE-285: Improper Authorization
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.