PT-2020-18439 · Dell · Dell Inspiron 7347 Bios

F1Sh

Published

2020-09-02

Updated

2020-09-14

CVE-2020-5376

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Dell Inspiron 7347 BIOS versions prior to A13

Description The issue allows a local attacker with access to system memory to exploit a UEFI BIOS Boot Services overwrite vulnerability. This can be done by overwriting the EFI BOOT SERVICES structure, enabling the execution of arbitrary code in System Management Mode (SMM).

Recommendations For Dell Inspiron 7347 BIOS versions prior to A13, update the BIOS to version A13 or later to resolve the issue.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2020-5376

Affected Products

Dell Inspiron 7347 Bios

PT-2020-18439 · Dell · Dell Inspiron 7347 Bios

CVE-2020-5376

Weakness Enumeration

Related Identifiers

Affected Products

References · 3