Lucene search
K

30 matches found

CVE
CVE
added 2021/06/24 5:0 p.m.78 views

CVE-2021-21573

Dell BIOSConnect feature contains a buffer overflow (CVE-2021-21573) in the Dell Client BIOS. An authenticated local admin can exploit this to execute arbitrary code and bypass UEFI restrictions. Dell released patches via BIOS firmware updates (per advisory 000188682); ensure affected systems are...

7.5CVSS7.7AI score0.00279EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/24 5:0 p.m.27 views

CVE-2021-21573

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions...

7.2CVSS8AI score0.00279EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/06/24 5:0 p.m.23 views

CVE-2021-21572

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions...

7.2CVSS8AI score0.00263EPSS
Exploits0References1
CVE
CVE
added 2021/06/24 5:0 p.m.76 views

CVE-2021-21572

CVE-2021-21572 is a Dell BIOSConnect buffer-overflow vulnerability in the Dell Client BIOS. An authenticated malicious admin with local access could exploit the flaw to execute arbitrary code and bypass UEFI restrictions. Several connected sources (CNVD, NVD, CNNSC/nasl-like advisories, and Nessu...

7.5CVSS7.7AI score0.00263EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/06/24 5:0 p.m.95 views

CVE-2021-21571

CVE-2021-21571 concerns the Dell BIOSConnect/HTTPS Boot stack in Dell UEFI BIOS. The vulnerability is due to improper certificate validation in the BIOSConnect HTTPS path, enabling a MITM attacker to remotely deliver content and potentially cause denial of service and payload tampering. Affected ...

6.5CVSS6.8AI score0.00626EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2021/06/24 10:24 a.m.78 views

BIOS Disconnect: New High-Severity Bugs Affect 128 Dell PC and Tablet Models

Cybersecurity researchers on Thursday disclosed a chain of vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS that could be abused by a privileged network adversary to gain arbitrary code execution at the BIOS/UEFI level of the affected device. "As the attacker has the...

7.5CVSS1.1AI score0.00626EPSS
Exploits0
CNNVD
CNNVD
added 2021/06/24 12:0 a.m.11 views

Dell BIOSConnect feature 缓冲区错误漏洞

DELL Dell BIOSConnect is a base platform from Dell USA that enables the BIOS to connect to Dell's HTTP backend and load images via the HTTP method. A buffer error vulnerability exists in the Dell BIOSConnect feature that allows a malicious administrator user with local access to the system to run...

7.5CVSS8.1AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/24 12:0 a.m.13 views

Dell BIOSConnect信任管理问题漏洞

DELL Dell BIOSConnect is an underlying platform from Dell USA that enables BIOS to connect to Dell's HTTP backend and load images via the HTTP method. A trust management issue vulnerability exists in the Dell BIOSConnect feature and Dell HTTPS Boot feature that stems from an incorrect certificate...

6.5CVSS6.9AI score0.00626EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/24 12:0 a.m.8 views

Dell BIOSConnect feature 缓冲区错误漏洞

Dell BIOSConnect is an underlying platform from Dell USA that enables BIOS to connect to Dell's HTTP backend and load images via HTTP methods. A buffer error vulnerability exists in the Dell BIOSConnect feature that can be exploited by an attacker to run arbitrary code and bypass UEFI restriction...

7.5CVSS6.3AI score0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/24 12:0 a.m.8 views

Dell BIOSConnect feature 缓冲区错误漏洞

Dell BIOSConnect is an underlying platform from Dell USA that enables BIOS to connect to Dell's HTTP backend and load images via HTTP methods. A buffer overflow vulnerability exists in the Dell BIOSConnect feature that can be exploited by an attacker to run arbitrary code and bypass UEFI...

7.5CVSS6.4AI score0.00287EPSS
Exploits0References2
Rows per page
Query Builder