CVE-2020-5362

Summary

Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.

Affected Software

VendorProductVersion RangeStatus
DellDell Client Consumer and Commercial platformshttps://www.dell.com/support/article/SLN321726affected

Weaknesses

  • CWE-285: CWE-285: Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

References