Lucene search

[email protected]NVD:CVE-2013-3582

HistoryAug 28, 2013 - 1:13 p.m.

CVE-2013-3582

2013-08-2813:13:58

CWE-119

[email protected]

web.nvd.nist.gov

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.4%

JSON

Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value.

Affected configurations

NVD

Node

delllatitude_d530Match-

delllatitude_d531Match-

delllatitude_d630Match-

delllatitude_d631Match-

delllatitude_d830Match-

delllatitude_e4200Match-

delllatitude_e4300Match-

delllatitude_e5400Match-

delllatitude_e5500Match-

delllatitude_e6400Match-

delllatitude_e6400_atgMatch-

delllatitude_e6400_atg_xfrMatch-

delllatitude_e6500Match-

delllatitude_xt2Match-

delllatitude_z600Match-

dellprecision_m2300Match-

dellprecision_m2400Match-

dellprecision_m4300Match-

dellprecision_m4400Match-

dellprecision_m6300Match-

dellprecision_m6400Match-

dellprecision_m6500Match-

References

www.kb.cert.org/vuls/id/912156

www.kb.cert.org/vuls/id/BLUU-99HSLA

media.blackhat.com/us-13/US-13-Butterworth-BIOS-Security-Slides.pdf

media.blackhat.com/us-13/US-13-Butterworth-BIOS-Security-WP.pdf

www.blackhat.com/us-13/archives.html#Butterworth

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.4%

JSON

Related for NVD:CVE-2013-3582

cve1 cert1 prion1 cvelist1