Описание
Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. An unauthenticated attacker with physical access to the system may exploit this vulnerability by bypassing OS Recovery authentication in order to run arbitrary code on the system as Administrator.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dell:supportassist_os_recovery:5.5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00058
Низкий
6.8 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-288
CWE-287
Связанные уязвимости
CVSS3: 6.8
github
больше 3 лет назад
Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. An unauthenticated attacker with physical access to the system may exploit this vulnerability by bypassing OS Recovery authentication in order to run arbitrary code on the system as Administrator.
EPSS
Процентиль: 18%
0.00058
Низкий
6.8 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-288
CWE-287