CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18579
https://notcve.org/view.php?id=CVE-2019-18579
Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for the "Enable Thunderbolt (and PCIe behind TBT) pre-boot modules" setting is enabled by default. A local unauthenticated attacker with physical access to a user's system can obtain read or write access to main memory via a DMA attack during platform boot. La configuración de las versiones anteriores a 1.1.3 del Dell XPS 13 2-in-1 (7390) BIOS, contiene una vulnerabilidad de configuración. La configuración del BIOS para la configuración "Enable Thunderbolt (and PCIe behind TBT) pre-boot modules" está habilitada por defecto. • https://www.dell.com/support/article/SLN319808 • CWE-16: Configuration •
CVSS: 7.2EPSS: 0%CPEs: 482EXPL: 0CVE-2019-3717
https://notcve.org/view.php?id=CVE-2019-3717
Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An unauthenticated attacker with physical access to the system could potentially bypass intended Secure Boot restrictions to run unsigned and untrusted code on expansion cards installed in the system during platform boot. Refer to https://www.dell.com/support/article/us/en/04/sln317683/dsa-2019-043-dell-client-improper-access-control-vulnerability?lang=en for versions affected by this vulnerability. Las plataformas Select Dell Client Commercial and Consumer contienen una vulnerabilidad de Acceso Inapropiado. • https://www.dell.com/support/article/us/en/04/sln317683/dsa-2019-043-dell-client-improper-access-control-vulnerability?lang=en •