Dell Client platforms are affected by a BIOS Setup configuration authentication bypass vulnerability that allows unauthorized changes to BIOS settings without the BIOS Admin password.
Understanding CVE-2020-5326
What is CVE-2020-5326?
This CVE involves a vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu on Dell Client platforms, enabling an attacker with physical access to make unauthorized changes to BIOS settings.
The Impact of CVE-2020-5326
The vulnerability has a CVSS base score of 6.1 (Medium severity), with a high impact on availability. It lets an attacker with physical access bypass authentication and modify BIOS settings without the BIOS Admin password.
Technical Details of CVE-2020-5326
Vulnerability Description
The vulnerability in Dell Client platforms enables an attacker to change BIOS Setup configuration settings without needing the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager.
Affected Systems and Versions
Exploitation Mechanism
Mitigation and Prevention
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates
Ensure timely installation of security updates and patches provided by Dell to mitigate the vulnerability.