7.6
CVE-2013-3582
- EPSS 0.84%
- Veröffentlicht 28.08.2013 13:13:58
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle cret@cert.org
- Teams Watchlist Login
- Unerledigt Login
Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Latitude D530 Version-
Dell ≫ Latitude D531 Version-
Dell ≫ Latitude D630 Version-
Dell ≫ Latitude D631 Version-
Dell ≫ Latitude D830 Version-
Dell ≫ Latitude E4200 Version-
Dell ≫ Latitude E4300 Version-
Dell ≫ Latitude E5400 Version-
Dell ≫ Latitude E5500 Version-
Dell ≫ Latitude E6400 Version-
Dell ≫ Latitude E6400 Atg Version-
Dell ≫ Latitude E6400 Atg Xfr Version-
Dell ≫ Latitude E6500 Version-
Dell ≫ Latitude Xt2 Version-
Dell ≫ Latitude Z600 Version-
Dell ≫ Precision M2300 Version-
Dell ≫ Precision M2400 Version-
Dell ≫ Precision M4300 Version-
Dell ≫ Precision M4400 Version-
Dell ≫ Precision M6300 Version-
Dell ≫ Precision M6400 Version-
Dell ≫ Precision M6500 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.84% | 0.74 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.6 | 4.9 | 10 |
AV:N/AC:H/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.