Description


Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.

Related CPE's












o

dell

latitude_7212_rugged_extreme_tablet_firmware

2


o

dell

latitude_7280_firmware

2


o

dell

latitude_7290_firmware

2


o

dell

latitude_7285_firmware

2


o

dell

latitude_7370_firmware

2





































Weaknesses



NVD-CWE-noinfo


CWE-255

CVSS impact metrics


CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.4 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-09-28T20:15:07.397

3 years ago

Last modified

2023-06-30T17:51:46.287

2 years ago