Dell Client Consumer And Commercial Platforms vulnerabilities

CVE-2020-5362 [MEDIUM] CWE-285 CVE-2020-5362: Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.

CVE-2020-5363 [MEDIUM] CWE-158 CVE-2020-5363: Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin pas Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Admin password. This could potentially allow an unauthorized actor, with physical access and/or OS administrator privileges to the device, to gain privilege

CVE-2020-5326 [MEDIUM] CWE-306 CVE-2020-5326: Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerabilit Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by select

CVE-2020-5324 [MEDIUM] CWE-427 CVE-2020-5324: Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an