// For flags

CVE-2021-36285

 

Severity Score

4.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt mitigations in order to carry out a brute force attack.

Dell BIOS contiene una vulnerabilidad de restricción inapropiada de intentos de autenticación excesivos. Un administrador local autenticado malicioso podría explotar esta vulnerabilidad para omitir las mitigaciones de intentos de contraseña excesivos de NVMe con el fin de llevar a cabo un ataque de fuerza bruta

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-07-08 CVE Reserved
  • 2021-09-28 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-307: Improper Restriction of Excessive Authentication Attempts
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Dell
Search vendor "Dell"
Latitude 5310 2-in-1 Firmware
Search vendor "Dell" for product "Latitude 5310 2-in-1 Firmware"
< 1.7.0
Search vendor "Dell" for product "Latitude 5310 2-in-1 Firmware" and version " < 1.7.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 5310 2-in-1
Search vendor "Dell" for product "Latitude 5310 2-in-1"
--
Safe
Dell
Search vendor "Dell"
Latitude 5320 Firmware
Search vendor "Dell" for product "Latitude 5320 Firmware"
< 1.7.0
Search vendor "Dell" for product "Latitude 5320 Firmware" and version " < 1.7.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 5320
Search vendor "Dell" for product "Latitude 5320"
--
Safe
Dell
Search vendor "Dell"
Latitude 5400 Firmware
Search vendor "Dell" for product "Latitude 5400 Firmware"
< 1.7.1
Search vendor "Dell" for product "Latitude 5400 Firmware" and version " < 1.7.1"
-
Affected
in Dell
Search vendor "Dell"
Latitude 5400
Search vendor "Dell" for product "Latitude 5400"
--
Safe
Dell
Search vendor "Dell"
Latitude 5411 Firmware
Search vendor "Dell" for product "Latitude 5411 Firmware"
< 1.6.0
Search vendor "Dell" for product "Latitude 5411 Firmware" and version " < 1.6.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 5411
Search vendor "Dell" for product "Latitude 5411"
--
Safe
Dell
Search vendor "Dell"
Latitude 5500 Firmware
Search vendor "Dell" for product "Latitude 5500 Firmware"
< 1.8.0
Search vendor "Dell" for product "Latitude 5500 Firmware" and version " < 1.8.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 5500
Search vendor "Dell" for product "Latitude 5500"
--
Safe
Dell
Search vendor "Dell"
Latitude 5520 Firmware
Search vendor "Dell" for product "Latitude 5520 Firmware"
< 1.6.0
Search vendor "Dell" for product "Latitude 5520 Firmware" and version " < 1.6.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 5520
Search vendor "Dell" for product "Latitude 5520"
--
Safe
Dell
Search vendor "Dell"
Latitude 5511 Firmware
Search vendor "Dell" for product "Latitude 5511 Firmware"
< 1.7.1
Search vendor "Dell" for product "Latitude 5511 Firmware" and version " < 1.7.1"
-
Affected
in Dell
Search vendor "Dell"
Latitude 5511
Search vendor "Dell" for product "Latitude 5511"
--
Safe
Dell
Search vendor "Dell"
Latitude 7212 Rugged Extreme Tablet Firmware
Search vendor "Dell" for product "Latitude 7212 Rugged Extreme Tablet Firmware"
< 1.7.0
Search vendor "Dell" for product "Latitude 7212 Rugged Extreme Tablet Firmware" and version " < 1.7.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 7212 Rugged Extreme Tablet
Search vendor "Dell" for product "Latitude 7212 Rugged Extreme Tablet"
--
Safe
Dell
Search vendor "Dell"
Latitude 7280 Firmware
Search vendor "Dell" for product "Latitude 7280 Firmware"
< 1.9.1
Search vendor "Dell" for product "Latitude 7280 Firmware" and version " < 1.9.1"
-
Affected
in Dell
Search vendor "Dell"
Latitude 7280
Search vendor "Dell" for product "Latitude 7280"
--
Safe
Dell
Search vendor "Dell"
Latitude 7320 Firmware
Search vendor "Dell" for product "Latitude 7320 Firmware"
< 1.7.0
Search vendor "Dell" for product "Latitude 7320 Firmware" and version " < 1.7.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 7320
Search vendor "Dell" for product "Latitude 7320"
--
Safe
Dell
Search vendor "Dell"
Latitude 7370 Firmware
Search vendor "Dell" for product "Latitude 7370 Firmware"
< 1.7.1
Search vendor "Dell" for product "Latitude 7370 Firmware" and version " < 1.7.1"
-
Affected
in Dell
Search vendor "Dell"
Latitude 7370
Search vendor "Dell" for product "Latitude 7370"
--
Safe
Dell
Search vendor "Dell"
Latitude 7420 Firmware
Search vendor "Dell" for product "Latitude 7420 Firmware"
< 1.7.0
Search vendor "Dell" for product "Latitude 7420 Firmware" and version " < 1.7.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 7420
Search vendor "Dell" for product "Latitude 7420"
--
Safe
Dell
Search vendor "Dell"
Latitude 7480 Firmware
Search vendor "Dell" for product "Latitude 7480 Firmware"
< 1.7.1
Search vendor "Dell" for product "Latitude 7480 Firmware" and version " < 1.7.1"
-
Affected
in Dell
Search vendor "Dell"
Latitude 7480
Search vendor "Dell" for product "Latitude 7480"
--
Safe
Dell
Search vendor "Dell"
Latitude 9410 Firmware
Search vendor "Dell" for product "Latitude 9410 Firmware"
< 1.7.1
Search vendor "Dell" for product "Latitude 9410 Firmware" and version " < 1.7.1"
-
Affected
in Dell
Search vendor "Dell"
Latitude 9410
Search vendor "Dell" for product "Latitude 9410"
--
Safe
Dell
Search vendor "Dell"
Latitude 9510 Firmware
Search vendor "Dell" for product "Latitude 9510 Firmware"
< 1.7.0
Search vendor "Dell" for product "Latitude 9510 Firmware" and version " < 1.7.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 9510
Search vendor "Dell" for product "Latitude 9510"
--
Safe
Dell
Search vendor "Dell"
Latitude 9520 Firmware
Search vendor "Dell" for product "Latitude 9520 Firmware"
< 1.6.0
Search vendor "Dell" for product "Latitude 9520 Firmware" and version " < 1.6.0"
-
Affected
in Dell
Search vendor "Dell"
Latitude 9520
Search vendor "Dell" for product "Latitude 9520"
--
Safe
Dell
Search vendor "Dell"
Optiplex 3080 Firmware
Search vendor "Dell" for product "Optiplex 3080 Firmware"
< 1.5.2
Search vendor "Dell" for product "Optiplex 3080 Firmware" and version " < 1.5.2"
-
Affected
in Dell
Search vendor "Dell"
Optiplex 3080
Search vendor "Dell" for product "Optiplex 3080"
--
Safe
Dell
Search vendor "Dell"
Optiplex 3280 Aio Firmware
Search vendor "Dell" for product "Optiplex 3280 Aio Firmware"
< 1.2.0
Search vendor "Dell" for product "Optiplex 3280 Aio Firmware" and version " < 1.2.0"
-
Affected
in Dell
Search vendor "Dell"
Optiplex 3280 Aio
Search vendor "Dell" for product "Optiplex 3280 Aio"
--
Safe
Dell
Search vendor "Dell"
Optiplex 7480 Aio Firmware
Search vendor "Dell" for product "Optiplex 7480 Aio Firmware"
< 1.2.0
Search vendor "Dell" for product "Optiplex 7480 Aio Firmware" and version " < 1.2.0"
-
Affected
in Dell
Search vendor "Dell"
Optiplex 7480 Aio
Search vendor "Dell" for product "Optiplex 7480 Aio"
--
Safe
Dell
Search vendor "Dell"
Precision 3551 Ffirmware
Search vendor "Dell" for product "Precision 3551 Ffirmware"
< 1.6.2
Search vendor "Dell" for product "Precision 3551 Ffirmware" and version " < 1.6.2"
-
Affected
in Dell
Search vendor "Dell"
Precision 3551
Search vendor "Dell" for product "Precision 3551"
--
Safe
Dell
Search vendor "Dell"
Precision 3640 Tower Firmware
Search vendor "Dell" for product "Precision 3640 Tower Firmware"
< 1.7.1
Search vendor "Dell" for product "Precision 3640 Tower Firmware" and version " < 1.7.1"
-
Affected
in Dell
Search vendor "Dell"
Precision 3640 Tower
Search vendor "Dell" for product "Precision 3640 Tower"
--
Safe