CVE-2020-5388
https://notcve.org/view.php?id=CVE-2020-5388
Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0 contain an Improper SMM communication buffer verification vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. Dell Inspiron 15 7579 2-en-1 BIOS versiones anteriores a 1.31.0, contienen una vulnerabilidad de verificación de búfer de comunicación SMM Inapropiada. Un usuario malicioso autenticado local podría potencialmente explotar esta vulnerabilidad mediante el uso de una SMI para obtener una ejecución de código arbitraria en SMRAM • https://www.dell.com/support/article/en-us/sln322869/dsa-2020-215-dell-inspiron-15-7579-2-in-1-improper-smm-communication-buffer-boundary-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2020-5362
https://notcve.org/view.php?id=CVE-2020-5362
Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values. Plataformas Dell Client Consumer and Commercial, incluyen una vulnerabilidad de autorización inapropiada en la interfaz de Administración de Dell para la cual un actor no autorizado, con acceso al sistema local con privilegios de administrador del Sistema Operativo, podría omitir la autenticación del Administrador del BIOS para restaurar la configuración de BIOS Setup a los valores predeterminados • https://www.dell.com/support/article/SLN321726 • CWE-285: Improper Authorization CWE-862: Missing Authorization •
CVE-2019-3717
https://notcve.org/view.php?id=CVE-2019-3717
Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An unauthenticated attacker with physical access to the system could potentially bypass intended Secure Boot restrictions to run unsigned and untrusted code on expansion cards installed in the system during platform boot. Refer to https://www.dell.com/support/article/us/en/04/sln317683/dsa-2019-043-dell-client-improper-access-control-vulnerability?lang=en for versions affected by this vulnerability. Las plataformas Select Dell Client Commercial and Consumer contienen una vulnerabilidad de Acceso Inapropiado. • https://www.dell.com/support/article/us/en/04/sln317683/dsa-2019-043-dell-client-improper-access-control-vulnerability?lang=en •