Lucene search
DellCVE-2024-0162HistoryMar 13, 2024 - 5:15 p.m.
CVE-2024-0162
2024-03-1317:15:46
CWE-119
dell
web.nvd.nist.gov
18
dell
bios
smm
communication
vulnerability
exploit
smram
nvd
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
AI Score
5.2
Confidence
High
EPSS
0
Percentile
9.0%
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM.
Affected configurations
Node
dellpoweredge_bios_intel_16gRange≤2.0.0
ORdellpoweredge_bios_intel_16gRange≤1.7.6
ORdellpoweredge_bios_intel_16gRange≤1.7.2
ORdellpoweredge_bios_intel_16gRange≤1.2.3
ORdellpoweredge_bios_intel_16gRange≤1.13.2
ORdellpoweredge_bios_intel_16gRange≤1.9.1
ORdellpoweredge_bios_intel_16gRange≤1.14.1
ORdellpoweredge_bios_intel_16gRange≤2.14.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dell | poweredge_bios_intel_16g | * | cpe:2.3:a:dell:poweredge_bios_intel_16g:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "PowerEdge BIOS Intel 16G",
"vendor": "Dell",
"versions": [
{
"lessThan": " 2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2024-0162
2024-03-13 17:15:46
cvelist
cvelist
CVE-2024-0162
2024-03-13 16:18:23
prion
prion
Design/Logic Flaw
2024-03-13 17:15:00
vulnrichment
vulnrichment
CVE-2024-0162
2024-03-13 16:18:23
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
AI Score
5.2
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-0162