CVE-2015-2890
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Workstation Client Solutions (CS) devices with model-dependent firmware before A21 does not enforce a BIOS_CNTL locking protection mechanism upon being woken from sleep, which allows local users to conduct EFI flash attacks by leveraging console access, a similar issue to CVE-2015-3692.
Vulnerabilidad en la implementación de la BIOS en dispositivos Dell Latitude, OptiPlex, Precisision Mobile Workstation y Precision Workstation Client Solutions (CS) con modelo dependiente del firmware anterior a A21, no impone un mecanismo de protección de bloqueo BIOS_CNTL al ser despertado de la suspensión, lo que permite a usuarios locales conducir ataques de flash EFI mediante el aprovechamiento de acceso a la consola, un problema similar a CVE-2015-3692.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-04-03 CVE Reserved
- 2015-08-01 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.kb.cert.org/vuls/id/577140 | Third Party Advisory | |
http://www.kb.cert.org/vuls/id/BLUU-9XXQ9L | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a20 Search vendor "Dell" for product "Bios" and version " <= a20" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E6420 Atg Search vendor "Dell" for product "Latitude E6420 Atg" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a20 Search vendor "Dell" for product "Bios" and version " <= a20" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E6420 Xfr Search vendor "Dell" for product "Latitude E6420 Xfr" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a12 Search vendor "Dell" for product "Bios" and version " <= a12" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E6220 Search vendor "Dell" for product "Latitude E6220" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a12 Search vendor "Dell" for product "Bios" and version " <= a12" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude Xt3 Search vendor "Dell" for product "Latitude Xt3" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a15 Search vendor "Dell" for product "Bios" and version " <= a15" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E4310 Search vendor "Dell" for product "Latitude E4310" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a15 Search vendor "Dell" for product "Bios" and version " <= a15" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E5410 Search vendor "Dell" for product "Latitude E5410" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a15 Search vendor "Dell" for product "Bios" and version " <= a15" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E5510 Search vendor "Dell" for product "Latitude E5510" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a15 Search vendor "Dell" for product "Bios" and version " <= a15" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E6410 Atg Search vendor "Dell" for product "Latitude E6410 Atg" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a15 Search vendor "Dell" for product "Bios" and version " <= a15" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E6510 Search vendor "Dell" for product "Latitude E6510" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a15 Search vendor "Dell" for product "Bios" and version " <= a15" | - |
Affected
| in | Dell Search vendor "Dell" | Precision Mobile M4600 Search vendor "Dell" for product "Precision Mobile M4600" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a15 Search vendor "Dell" for product "Bios" and version " <= a15" | - |
Affected
| in | Dell Search vendor "Dell" | Precision T1600 Search vendor "Dell" for product "Precision T1600" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a18 Search vendor "Dell" for product "Bios" and version " <= a18" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E6320 Search vendor "Dell" for product "Latitude E6320" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a18 Search vendor "Dell" for product "Bios" and version " <= a18" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E6520 Search vendor "Dell" for product "Latitude E6520" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a14 Search vendor "Dell" for product "Bios" and version " <= a14" | - |
Affected
| in | Dell Search vendor "Dell" | Precision Mobile M4500 Search vendor "Dell" for product "Precision Mobile M4500" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a14 Search vendor "Dell" for product "Bios" and version " <= a14" | - |
Affected
| in | Dell Search vendor "Dell" | Precision Mobile M6600 Search vendor "Dell" for product "Precision Mobile M6600" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | a13 Search vendor "Dell" for product "Bios" and version "a13" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E4310 Search vendor "Dell" for product "Latitude E4310" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | a13 Search vendor "Dell" for product "Bios" and version "a13" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E5420 Search vendor "Dell" for product "Latitude E5420" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | a13 Search vendor "Dell" for product "Bios" and version "a13" | - |
Affected
| in | Dell Search vendor "Dell" | Latitude E5520 Search vendor "Dell" for product "Latitude E5520" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a11 Search vendor "Dell" for product "Bios" and version " <= a11" | - |
Affected
| in | Dell Search vendor "Dell" | Precision T3600 Search vendor "Dell" for product "Precision T3600" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a11 Search vendor "Dell" for product "Bios" and version " <= a11" | - |
Affected
| in | Dell Search vendor "Dell" | Precision T5600 Search vendor "Dell" for product "Precision T5600" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a11 Search vendor "Dell" for product "Bios" and version " <= a11" | - |
Affected
| in | Dell Search vendor "Dell" | Precision T5600 Xl Search vendor "Dell" for product "Precision T5600 Xl" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a10 Search vendor "Dell" for product "Bios" and version " <= a10" | - |
Affected
| in | Dell Search vendor "Dell" | Optiplex 390 Search vendor "Dell" for product "Optiplex 390" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a17 Search vendor "Dell" for product "Bios" and version " <= a17" | - |
Affected
| in | Dell Search vendor "Dell" | Optiplex 790 Search vendor "Dell" for product "Optiplex 790" | * | - |
Safe
|
Dell Search vendor "Dell" | Bios Search vendor "Dell" for product "Bios" | <= a17 Search vendor "Dell" for product "Bios" and version " <= a17" | - |
Affected
| in | Dell Search vendor "Dell" | Optiplex 990 Search vendor "Dell" for product "Optiplex 990" | * | - |
Safe
|