Design/Logic Flaw

2021-01-0819:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.9%

JSON

Dell Inspiron 5675 BIOS versions prior to 1.4.1 contain a UEFI BIOS RuntimeServices overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the RuntimeServices structure to execute arbitrary code in System Management Mode (SMM).

CPENameOperatorVersion
inspiron_5675_firmwarelt1.4.1

CPE	Name	Operator	Version
	inspiron_5675_firmware	lt	1.4.1

References

www.dell.com/support/kbdoc/en-us/000180645/dsa-2020-247-dell-client-platform-security-update-for-uefi-bios-runtimeservices-overwrite-vulnerability