Permissions, Privileges, and Access Controls in PowerEdge Server BIOS and Precision Rack BIOS - CVE-2024-0172

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU95141

Permissions, Privileges, and Access Controls in PowerEdge Server BIOS and Precision Rack BIOS - CVE-2024-0172

Published: August 1, 2024


Vulnerability identifier: #VU95141
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-0172
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Dell
Affected software:
PowerEdge Server BIOS
Precision Rack BIOS

Detailed vulnerability description

The vulnerability allows a local user to gain elevated privileges.

The vulnerability exists due to this vulnerability, leading. An authenticated local user could potentially exploit this vulnerability, leading to privilege escalation.


How to mitigate CVE-2024-0172

Install update from vendor's website.

Sources