Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
Dell PowerEdge Server BIOS 缓冲区错误漏洞
Vulnerability Description
Dell PowerEdge Server BIOS是美国戴尔(Dell)公司的戴尔(Dell)的一款系统更新驱动程序。 Dell PowerEdge Server BIOS 2.18.1之前版本存在缓冲区错误漏洞,该漏洞源于包含越界写入漏洞,具有低权限的本地攻击者可能会利用此漏洞导致在系统管理模式下暴露某些SMRAM堆栈/数据/代码,从而导致任意代码执行或权限升级。
CVSS Information
N/A
Vulnerability Type
N/A