CVE-2022-26865
CVE-2022-26865
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.8EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
26 may 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. An unauthenticated attacker with physical access to the system may exploit this vulnerability by bypassing OS Recovery authentication in order to run arbitrary code on the system as Administrator.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Dell · Dell OS Recovery Tool¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →