Design/Logic Flaw

2023-08-1620:15:00

PRIOn knowledge base

www.prio-n.com

dell bios

logic flaw

time-of-check time-of-use

vulnerability

dma transaction

smi

arbitrary code execution

nvd

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.

CPENameOperatorVersion
alienware_m15_r7_firmwarelt1.18.0
alienware_m16_firmwarelt1.10.1
alienware_m18_firmwarelt1.10.1
chengming_3900_firmwarelt1.15.0
chengming_3901_firmwarelt1.15.0
chengming_3910_firmwarelt1.6.0
chengming_3911_firmwarelt1.6.0
chengming_3980_firmwarelt2.32.0
chengming_3990_firmwarelt1.21.0
chengming_3991_firmwarelt1.21.0

Name	Operator	Version
alienware_m15_r7_firmware	lt	1.18.0
alienware_m16_firmware	lt	1.10.1
alienware_m18_firmware	lt	1.10.1
chengming_3900_firmware	lt	1.15.0
chengming_3901_firmware	lt	1.15.0
chengming_3910_firmware	lt	1.6.0
chengming_3911_firmware	lt	1.6.0
chengming_3980_firmware	lt	2.32.0
chengming_3990_firmware	lt	1.21.0
chengming_3991_firmware	lt	1.21.0