Description
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVSS breakdown
CVSS 3.1
Attack Vector
Physical
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Affected products
- Dell / Dell Edge Gateway 30000 – 1.26.0
- Dell / Dell Edge Gateway 50000 – 1.36.0
- Dell / DELL EMBEDDED PC 30000 – 1.32.0
- Dell / DELL EMBEDDED PC 50000 – 1.33.0
- Dell / Dell Precision 3630 Tower0 – 2.40.0
- Dell / Dell Precision 3930 Rack0 – 2.43.0
- Dell / Latitude 7220 Rugged Extreme0 – 1.51.0
- Dell / Latitude Rugged 54200 – 1.42.0
- Dell / Latitude Rugged 54240 – 1.42.0
- Dell / Latitude Rugged 7220EX0 – 1.51.0
- Dell / Latitude Rugged 74240 – 1.42.0
- Dell / Precision 3930 Rack0 – 2.43.0