ГлавнаяУязвимости → CVE-2024-0161
7.2высокая

CVE-2024-0161

Описание

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.

Затрагиваемое ПО
Dell Poweredge t360 firmwareDell Poweredge t360Dell Poweredge r360 firmwareDell Poweredge r360Dell Poweredge r650 firmwareDell Poweredge r650Dell Poweredge r750 firmwareDell Poweredge r750Dell Poweredge r750xa firmwareDell Poweredge r750xaDell Poweredge c6520 firmwareDell Poweredge c6520Dell Poweredge mx750c firmwareDell Poweredge mx750cDell Poweredge r550 firmwareDell Poweredge r550Dell Poweredge r450 firmwareDell Poweredge r450Dell Poweredge r650xs firmwareDell Poweredge r650xsDell Poweredge r750xs firmwareDell Poweredge r750xsDell Poweredge t550 firmwareDell Poweredge t550Dell Poweredge xr11 firmware
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
Источники
https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerabilityhttps://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability