Dell Manageability interface Missing Authorization Vulnerability

Summary

Dell Client Consumer and Commercial platforms include an improper authorization vulnerability.

Credit:

The information has been provided by Vendor

The original article can be found at:https://www.dell.com/support/article/SLN321726


Details

Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.

 

Vulnerable Systems:

Dell Manageability interface 

 

CVE Information:

CVE-2020-5362

Disclosure Timeline:
Published Date:6/10/2020

Categories: News