CVE-2020-5362
CVE-2020-5362
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.1EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
10 Jun 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:H
Affected products
Dell · Dell Client Consumer and Commercial platformsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →