Dell Client platforms require an update to address a BIOS Setup configuration authentication bypass vulnerability.
Summary:Dell Client platforms require an update to address a BIOS Setup configuration authentication bypass vulnerability.
Article Content
Impact
Medium
Details
Authentication Bypass Vulnerability
CVE-2020-5326
Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the preboot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system may potentially perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the preboot iRST Manager.
Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the preboot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system may potentially perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the preboot iRST Manager.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.