CVE-2021-36284

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mitigations in order to carry out a brute force attack.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 5.7 MEDIUM | LOCAL | LOW | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L |
| dell | CNA | 5.7 MEDIUM | LOCAL | LOW | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L |
| CVE | ADP | --- | | | | --- |

EPSS Score: Percentile: 14%

| Vendor | Product | Version |
|---|---|---|
| dell | latitude_5310_2-in-1_firmware | 𝑥 < 1.7.0 |
| dell | latitude_5320_firmware | 𝑥 < 1.7.0 |
| dell | latitude_5400_firmware | 𝑥 < 1.7.1 |
| dell | latitude_5411_firmware | 𝑥 < 1.6.0 |
| dell | latitude_5500_firmware | 𝑥 < 1.8.0 |
| dell | latitude_5520_firmware | 𝑥 < 1.6.0 |
| dell | latitude_5511_firmware | 𝑥 < 1.7.1 |
| dell | latitude_7212_rugged_extreme_tablet_firmware | 𝑥 < 1.7.0 |
| dell | latitude_7280_firmware | 𝑥 < 1.9.1 |
| dell | latitude_7320_firmware | 𝑥 < 1.7.0 |
| dell | latitude_7370_firmware | 𝑥 < 1.7.1 |
| dell | latitude_7420_firmware | 𝑥 < 1.7.0 |
| dell | latitude_7480_firmware | 𝑥 < 1.7.1 |
| dell | latitude_9410_firmware | 𝑥 < 1.7.1 |
| dell | latitude_9510_firmware | 𝑥 < 1.7.0 |
| dell | latitude_9520_firmware | 𝑥 < 1.6.0 |
| dell | optiplex_3080_firmware | 𝑥 < 1.5.2 |
| dell | optiplex_3280_aio_firmware | 𝑥 < 1.2.0 |
| dell | optiplex_7480_aio_firmware | 𝑥 < 1.2.0 |
| dell | precision_3551_ffirmware | 𝑥 < 1.6.2 |
| dell | precision_3640_tower_firmware | 𝑥 < 1.7.1 |

𝑥 = Vulnerable software versions