Authentication flaw

2020-02-2115:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.2%

JSON

Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager.

CPENameOperatorVersion
chengming_3980_firmwarelt2.13.0
embedded_box_pc_5000_firmwarelt1.6.0
g3_3579_firmwarelt1.10.0
g3_3590_firmwarelt1.4.3
g3_3779_firmwarelt1.10.0
g5_5587_firmwarelt1.11.1
g5_5590_firmwarelt1.8.0
g7_7588_firmwarelt1.11.1
g7_7590_firmwarelt1.8.0
g7_7790_firmwarelt1.8.0

Name	Operator	Version
chengming_3980_firmware	lt	2.13.0
embedded_box_pc_5000_firmware	lt	1.6.0
g3_3579_firmware	lt	1.10.0
g3_3590_firmware	lt	1.4.3
g3_3779_firmware	lt	1.10.0
g5_5587_firmware	lt	1.11.1
g5_5590_firmware	lt	1.8.0
g7_7588_firmware	lt	1.11.1
g7_7590_firmware	lt	1.8.0
g7_7790_firmware	lt	1.8.0

Rows per page:

1-10 of 1741

References

www.dell.com/support/article/SLN320337