CVE-2020-5387Improper Handling of Exceptional Conditions in Dell CPG Bios

CWE-755Improper Handling of Exceptional Conditions3 documents3 sources
Severity
4.4MEDIUMNVD
CNA2.3
EPSS
0.1%
top 66.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell CPG BiosDell XPS 13 9370 Firmware
Timeline
PublishedOct 1
Latest updateMay 24

Description

Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Exception Handling vulnerability. A local attacker with physical access could exploit this vulnerability to prevent the system from booting until the exploited boot device is removed.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/cpg_biosunspecified1.13.1

🔴Vulnerability Details

2
GHSA
GHSA-jc6m-9rhv-q9wq: Dell XPS 13 9370 BIOS versions prior to 12022-05-24
CVEList
CVE-2020-5387: Dell XPS 13 9370 BIOS versions prior to 12020-10-01
CVE-2020-5387 — Dell CPG Bios vulnerability | cvebase