CVE-2024-0162

{"id": "CVE-2024-0162", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 1.1}]}, "published": "2024-03-13T17:15:46.617", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000222812/dsa-2024-004-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability", "source": "security_alert@emc.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM."}, {"lang": "es", "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contienen una vulnerabilidad de verificaci\u00f3n del b\u00fafer de comunicaci\u00f3n SMM incorrecta. Un atacante local con pocos privilegios podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda lecturas/escrituras fuera de los l\u00edmites en SMRAM."}], "lastModified": "2024-03-13T18:15:58.530", "sourceIdentifier": "security_alert@emc.com"}