CVE-2020-5361

Select Dell Client Commercial and Consumer platforms support a BIOS password reset capability that is designed to assist authorized customers who forget their passwords. Dell is aware of unauthorized password generation tools that can generate BIOS recovery passwords. The tools, which are not authorized by Dell, can be used by a physically present attacker to reset BIOS passwords and BIOS-managed Hard Disk Drive (HDD) passwords. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability to bypass security restrictions for BIOS Setup configuration, HDD access and BIOS pre-boot authentication.

CVSS v3 7.6 HIGH
CVSS v2.0 7.2 HIGH

7.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 0.9 / Impact : 6.0

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000180741/dsa-2020-119-dell-client-products-unauthorized-bios-password-reset-tool-vulnerability	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-01-04 22:15

Updated : 2024-02-28 18:08

NVD link : CVE-2020-5361

Mitre link : CVE-2020-5361

CVE.ORG link : CVE-2020-5361

JSON object : View

Products Affected

dell

cpg_bios

CWE

CWE-640

Weak Password Recovery Mechanism for Forgotten Password

{"id": "CVE-2020-5361", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "PHYSICAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 0.9}, {"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 0.9}]}, "published": "2021-01-04T22:15:13.950", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000180741/dsa-2020-119-dell-client-products-unauthorized-bios-password-reset-tool-vulnerability", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-640"}]}, {"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-640"}]}], "descriptions": [{"lang": "en", "value": "Select Dell Client Commercial and Consumer platforms support a BIOS password reset capability that is designed to assist authorized customers who forget their passwords. Dell is aware of unauthorized password generation tools that can generate BIOS recovery passwords. The tools, which are not authorized by Dell, can be used by a physically present attacker to reset BIOS passwords and BIOS-managed Hard Disk Drive (HDD) passwords. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability to bypass security restrictions for BIOS Setup configuration, HDD access and BIOS pre-boot authentication."}, {"lang": "es", "value": "Plataformas Select Dell Client Commercial and Consumer, admiten una capacidad de restablecimiento de contrase\u00f1a del BIOS que ha sido dise\u00f1ada para ayudar a clientes autorizados que olvidan sus contrase\u00f1as. Dell es consciente de las herramientas de generaci\u00f3n de contrase\u00f1as no autorizadas que pueden generar contrase\u00f1as de recuperaci\u00f3n del BIOS. Las herramientas, que no est\u00e1n autorizadas por Dell, pueden ser usadas por un atacante presente f\u00edsicamente para restablecer las contrase\u00f1as del BIOS y las contrase\u00f1as de la unidad de disco duro (HDD) administrada por el BIOS. Un atacante no autenticado con acceso f\u00edsico al sistema podr\u00eda potencialmente explotar esta vulnerabilidad para omitir las restricciones de seguridad para los ajustes de Configuraci\u00f3n del BIOS, el acceso al HDD y la autenticaci\u00f3n previa al arranque del BIOS."}], "lastModified": "2021-01-29T17:35:22.403", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F0E1081-436B-49A3-8B2B-53F2D0A23C1A"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}