History: Jun 24, 2021 - 5:00 p.m.

CVE-2021-21572

2021-06-24 17:00:16
CWE-122
dell
www.cve.org

CVSS3: 7.2

Attack Vector: LOCAL
Attack Complexity: HIGH
Privileges Required: HIGH
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

EPSS: 0
Percentile: 5.1%

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

CNA Affected

[
  {
    "product": "BIOSConnect",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "Gen 11, Gen 10",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]
