PT-2013-4494 · Dell · Dell Bios
Corey Kallenberg
+2
·
Publicado
2013-08-28
·
Atualizado
2013-10-07
·
CVE-2013-3582
CVSS v2.0
7.6
Alta
| Vetor | AV:N/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Dell BIOS versions (affected versions not specified)
Description
The issue allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges. This is achieved by providing a crafted
rbu packet.pktNum value in conjunction with a crafted rbu packet.pktSize value, exploiting a buffer overflow in the Dell BIOS.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Dell Bios