CVE-2013-3582

Published Aug 28, 2013

Last updated 11 years ago

CVSS info 7.6

Overview

Description: Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value.
Source: cret@cert.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.6
Impact score: 10
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:latitude_d530:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB5C16C0-81B4-4016-BD77-4999FCD398D3"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_d531:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E70DF04-5788-41CC-8210-215E9502E952"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_d630:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77B66C84-F140-478A-A225-14F981DE78ED"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_d631:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93EA884E-5901-434C-AABF-2AAB7DAE3235"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_d830:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "643F1338-4576-4FAE-B141-C911F8D30650"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_e4200:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48131E6D-8B18-4393-89D9-4EA862C3EE48"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_e4300:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "933BD7AE-9837-4CC0-8651-DCB896285754"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_e5400:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0ACF0BEC-E510-4E8D-9921-4D4FFC01CCA4"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_e5500:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCA6260F-AD48-4587-93A5-133A0191DD97"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_e6400:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD24016C-4F29-4C57-84F2-4D0E1248B16C"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_e6400_atg:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77ED6E3A-E73D-4F25-BF61-F799AB6FCF10"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_e6400_atg_xfr:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93B307D3-9843-4CDB-B493-ED120407EBAC"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_e6500:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E125123A-F8C5-406D-AD58-5F2B3E87A11F"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_xt2:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCE7842E-CC66-4654-BA5F-6F8D1F2D73B9"
          },
          {
            "criteria": "cpe:2.3:h:dell:latitude_z600:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6F74764-547C-4A12-9373-D89CC4F3E667"
          },
          {
            "criteria": "cpe:2.3:h:dell:precision_m2300:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F97775F-CFD3-419C-9D1A-7C211C526BF5"
          },
          {
            "criteria": "cpe:2.3:h:dell:precision_m2400:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E0A1390-F232-4A19-BB06-243274BF4FBF"
          },
          {
            "criteria": "cpe:2.3:h:dell:precision_m4300:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A903EC47-B0D7-416C-801F-21AB88A4DBCE"
          },
          {
            "criteria": "cpe:2.3:h:dell:precision_m4400:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F18F7B4-28F2-423E-9E78-88D16E0A2687"
          },
          {
            "criteria": "cpe:2.3:h:dell:precision_m6300:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80FF5DA6-D47D-43A8-9BD8-17A3F03B231B"
          },
          {
            "criteria": "cpe:2.3:h:dell:precision_m6400:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "348FFD7A-19F0-4AE4-9CD5-74A6E0D80A49"
          },
          {
            "criteria": "cpe:2.3:h:dell:precision_m6500:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37272C28-7844-4725-A8CF-8D0E739A57A6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References