CVE-2020-5326

Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H
dellCNA
6.1 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
dellchengming_3980_firmware
𝑥
< 2.13.0
dellg3_3579_firmware
𝑥
< 1.10.0
dellg3_3590_firmware
𝑥
< 1.4.3
dellg3_3779_firmware
𝑥
< 1.10.0
dellg5_5587_firmware
𝑥
< 1.11.1
dellg5_5590_firmware
𝑥
< 1.8.0
dellg7_7588_firmware
𝑥
< 1.11.1
dellg7_7590_firmware
𝑥
< 1.8.0
dellg7_7790_firmware
𝑥
< 1.8.0
dellembedded_box_pc_5000_firmware
𝑥
< 1.6.0
dellinspiron_14_gaming_7466_firmware
𝑥
< 1.5.0
dellinspiron_14_gaming_7467_firmware
𝑥
< 1.10.0
dellinspiron_15_7572_firmware
𝑥
< 1.2.1
dellinspiron_15_gaming_7566_firmware
𝑥
< 1.5.0
dellinspiron_15_gaming_7567_firmware
𝑥
< 1.10.0
dellinspiron_15_gaming_7577_firmware
𝑥
< 1.8.0
dellinspiron_3470_firmware
𝑥
< 2.13.0
dellinspiron_3480_firmware
𝑥
< 1.5.1
dellinspiron_3481_firmware
𝑥
< 1.4.0
dellinspiron_3580_firmware
𝑥
< 1.5.1
dellinspiron_3581_firmware
𝑥
< 1.4.0
dellinspiron_3583_firmware
𝑥
< 1.5.1
dellinspiron_3584_firmware
𝑥
< 1.4.0
dellinspiron_3670_firmware
𝑥
< 2.13.0
dellinspiron_3780_firmware
𝑥
< 1.5.1
dellinspiron_3781_firmware
𝑥
< 1.4.0
dellinspiron_5370_firmware
𝑥
< 1.12.0
dellinspiron_5480_firmware
𝑥
< 2.4.0
dellinspiron_5481_firmware
𝑥
< 2.4.0
dellinspiron_5482_firmware
𝑥
< 2.4.0
dellinspiron_5488_firmware
𝑥
< 2.4.0
dellinspiron_5570_firmware
𝑥
< 1.2.3
dellinspiron_5580_firmware
𝑥
< 2.4.0
dellinspiron_5582_firmware
𝑥
< 2.4.0
dellinspiron_5770_firmware
𝑥
< 1.2.3
dellinspiron_7380_firmware
𝑥
< 1.8.0
dellinspiron_7386_firmware
𝑥
< 1.5.0
dellinspiron_7472_firmware
𝑥
< 1.2.1
dellinspiron_7580_firmware
𝑥
< 1.8.0
dellinspiron_7586_firmware
𝑥
< 1.5.0
dellinspiron_7590_firmware
𝑥
< 1.1.1
dellinspiron_7591_firmware
𝑥
< 1.1.1
dellinspiron_7786_firmware
𝑥
< 1.5.0
delllatitude_3300_firmware
𝑥
< 1.4.0
delllatitude_3480_firmware
𝑥
< 1.12.0
delllatitude_3490_firmware
𝑥
< 1.9.9
delllatitude_3580_firmware
𝑥
< 1.12.0
delllatitude_3590_firmware
𝑥
< 1.9.9
delllatitude_5175_firmware
𝑥
< 1.7.1
delllatitude_5179_firmware
𝑥
< 1.7.1
delllatitude_5280_firmware
𝑥
< 1.15.1
delllatitude_5288_firmware
𝑥
< 1.15.1
delllatitude_5289_firmware
𝑥
< 1.18.1
delllatitude_5290_firmware
𝑥
< 1.9.0
delllatitude_5300_firmware
𝑥
< 1.3.1
delllatitude_5400_firmware
𝑥
< 1.3.11
delllatitude_5401_firmware
𝑥
< 1.3.11
delllatitude_5414_firmware
𝑥
< 1.24.0
delllatitude_5420_rugged_firmware
𝑥
< 1.5.0
delllatitude_5424_rugged_firmware
𝑥
< 1.5.0
delllatitude_5480_firmware
𝑥
< 1.15.1
delllatitude_5488_firmware
𝑥
< 1.15.1
delllatitude_5490_firmware
𝑥
< 1.9.0
delllatitude_5491_firmware
𝑥
< 1.8.1
delllatitude_5500_firmware
𝑥
< 1.3.11
delllatitude_5501_firmware
𝑥
< 1.2.11
delllatitude_5580_firmware
𝑥
< 1.15.1
delllatitude_5590_firmware
𝑥
< 1.9.0
delllatitude_5591_firmware
𝑥
< 1.8.1
delllatitude_7212_firmware
𝑥
< 1.26.0
delllatitude_7214_firmware
𝑥
< 1.24.0
delllatitude_7275_firmware
𝑥
< 1.6.1
delllatitude_7280_firmware
𝑥
< 1.15.1
delllatitude_7285_firmware
𝑥
< 1.4.1
delllatitude_7290_firmware
𝑥
< 1.10.0
delllatitude_7300_firmware
𝑥
< 1.3.11
delllatitude_7370_firmware
𝑥
< 1.18.5
delllatitude_7380_firmware
𝑥
< 1.15.1
delllatitude_7389_firmware
𝑥
< 1.18.1
delllatitude_7390_firmware
𝑥
< 1.10.0
delllatitude_7400_firmware
𝑥
< 1.3.11
delllatitude_7414_firmware
𝑥
< 1.24.0
delllatitude_7424_rugged_extreme_firmware
𝑥
< 1.5.0
delllatitude_7480_firmware
𝑥
< 1.15.1
delllatitude_7490_firmware
𝑥
< 1.10.0
delllatitude_e5270_firmware
𝑥
< 1.21.4
delllatitude_e5470_firmware
𝑥
< 1.21.4
delllatitude_e5570_firmware
𝑥
< 1.21.4
delllatitude_e7270_firmware
𝑥
< 1.22.8
delllatitude_e7470_firmware
𝑥
< 1.22.8
delloptiplex_3040_firmware
𝑥
< 1.11.3
delloptiplex_3046_firmware
𝑥
< 1.8.2
delloptiplex_3050_firmware
𝑥
< 1.12.1
delloptiplex_3060_firmware
𝑥
< 1.4.2
delloptiplex_3070_firmware
𝑥
< 1.0.3
delloptiplex_3240_firmware
𝑥
< 1.8.1
delloptiplex_5040_firmware
𝑥
< 1.14.5
delloptiplex_5050_firmware
𝑥
< 1.12.1
delloptiplex_5060_firmware
𝑥
< 1.4.2
delloptiplex_5070_firmware
𝑥
< 1.0.3
delloptiplex_5250_firmware
𝑥
< 1.13.1
delloptiplex_5260_firmware
𝑥
< 1.7.3
delloptiplex_7040_firmware
𝑥
< 1.15.5
delloptiplex_7050_firmware
𝑥
< 1.12.1
delloptiplex_7060_firmware
𝑥
< 1.4.2
delloptiplex_7070_firmware
𝑥
< 1.0.3
delloptiplex_7440_firmware
𝑥
< 1.11.1
delloptiplex_7450_firmware
𝑥
< 1.13.1
delloptiplex_7460_firmware
𝑥
< 1.7.3
delloptiplex_7760_firmware
𝑥
< 1.7.3
delloptiplex_5270_firmware
𝑥
< 1.1.1
delloptiplex_7470_firmware
𝑥
< 1.1.1
delloptiplex_7770_firmware
𝑥
< 1.1.1
delloptiplex_xe3_firmware
𝑥
< 1.4.2
dellprecision_3420_firmware
𝑥
< 2.13.1
dellprecision_3430_firmware
𝑥
< 1.4.2
dellprecision_3510_firmware
𝑥
< 1.21.4
dellprecision_3520_firmware
𝑥
< 1.15.1
dellprecision_3530_firmware
𝑥
< 1.8.1
dellprecision_3540_firmware
𝑥
< 1.3.11
dellprecision_3541_firmware
𝑥
< 1.2.11
dellprecision_3620_firmware
𝑥
< 2.13.1
dellprecision_3630_firmware
𝑥
< 1.2.0
dellprecision_3930_firmware
𝑥
< 2.2.0
dellprecision_5510_firmware
𝑥
< 1.12.0
dellprecision_5520_firmware
𝑥
< 1.15.0
dellprecision_5530_firmware
𝑥
< 1.11.2
dellprecision_5720_firmware
𝑥
< 2.5.1
dellprecision_5820_firmware
𝑥
< 1.11.1
dellprecision_7510_firmware
𝑥
< 1.18.5
dellprecision_7520_firmware
𝑥
< 1.15.1
dellprecision_7530_firmware
𝑥
< 1.9.0
dellprecision_7540_firmware
𝑥
< 1.1.3
dellprecision_7710_firmware
𝑥
< 1.18.5
dellprecision_7720_firmware
𝑥
< 1.15.1
dellprecision_7730_firmware
𝑥
< 1.9.0
dellprecision_7740_firmware
𝑥
< 1.1.3
dellprecision_7820_firmware
𝑥
< 2.0.5
dellprecision_7920_firmware
𝑥
< 2.0.5
dellprecision_3431_firmware
𝑥
< 1.0.3
dellvostro_7580_firmware
𝑥
< 1.11.1
dellvostro_15_7570_firmware
𝑥
< 1.8.0
dellvostro_3070_firmware
𝑥
< 2.13.0
dellvostro_3470_firmware
𝑥
< 2.13.0
dellvostro_3480_firmware
𝑥
< 1.5.1
dellvostro_3481_firmware
𝑥
< 1.4.0
dellvostro_3580_firmware
𝑥
< 1.5.1
dellvostro_3581_firmware
𝑥
< 1.4.0
dellvostro_3583_firmware
𝑥
< 1.5.1
dellvostro_3584_firmware
𝑥
< 1.4.0
dellvostro_3670_firmware
𝑥
< 2.13.0
dellvostro_5370_firmware
𝑥
< 1.12.0
dellvostro_5471_firmware
𝑥
< 1.12.0
dellvostro_5481_firmware
𝑥
< 2.4.0
dellvostro_5581_firmware
𝑥
< 2.4.0
dellvostro_7590_firmware
𝑥
< 1.1.1
dellwyse_5070_firmware
𝑥
< 1.2.4
dellwyse_7040_firmware
𝑥
< 1.6.0
dellxps_12_9250_firmware
𝑥
< 1.6.1
dellxps_13_9350_firmware
𝑥
< 1.11.1
dellxps_13_9360_firmware
𝑥
< 2.12.0
dellxps_13_9380_firmware
𝑥
< 1.4.0
dellxps_15_9550_firmware
𝑥
< 1.12.0
dellxps_15_9560_firmware
𝑥
< 1.15.0
dellxps_15_9575_firmware
𝑥
< 1.6.1
dellxps_15_9570_firmware
𝑥
< 1.11.2
dellxps_27_7760_firmware
𝑥
< 2.5.1
dellxps_8900_firmware
𝑥
< 2.6.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/article/SLN320337
https://www.dell.com/support/article/SLN320337