PT-2020-18441 · Dell · Dell G7 17 7790 Bios
Published
2020-09-02
·
Updated
2020-09-14
·
CVE-2020-5378
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Dell G7 17 7790 BIOS versions prior to 1.13.2
Description
The issue allows a local attacker with access to system memory to exploit a UEFI BIOS Boot Services overwrite vulnerability. This can be done by overwriting the
EFI BOOT SERVICES structure, enabling the execution of arbitrary code in System Management Mode (SMM).Recommendations
For Dell G7 17 7790 BIOS versions prior to 1.13.2, update the BIOS to version 1.13.2 or later to resolve the issue.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell G7 17 7790 Bios