CVE-2024-0158

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges

CVSS v3 5.1 MEDIUM

5.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-in/000220141/dsa-2024-030-security-update-for-dell-client-bios-for-an-improper-input-validation-vulnerability

Configurations

No configuration.

History

No history.

Information

Published : 2024-07-02 07:15

Updated : 2024-07-02 12:09

NVD link : CVE-2024-0158

Mitre link : CVE-2024-0158

CVE.ORG link : CVE-2024-0158

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

5.1 /10