admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2020/26xxx/CVE-2020-26186.json

72 lines
2.5 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2020-09-30 21:01:32 +00:00
{
"CVE_data_meta": {
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2020-12-16",
"ID": "CVE-2020-26186",
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"STATE": "PUBLIC"
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
},
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
"product_name": "CPG BIOS",
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"version": {
"version_data": [
{
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
"version_affected": "<",
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"version_value": "1.4.1"
}
]
}
}
]
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
},
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"vendor_name": "Dell"
}
]
}
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"-Synchronized-Data."
2020-09-30 21:01:32 +00:00
"description": {
"description_data": [
{
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
"lang": "eng",
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"value": "Dell Inspiron 5675 BIOS versions prior to 1.4.1 contain a UEFI BIOS RuntimeServices overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the RuntimeServices structure to execute arbitrary code in System Management Mode (SMM)."
}
]
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
},
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"impact": {
"cvss": {
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
"baseScore": 6.8,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"version": "3.1"
}
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
},
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"problemtype": {
"problemtype_data": [
{
"description": [
{
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
"lang": "eng",
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"value": "CWE-642: External Control of Critical State Data"
}
]
}
]
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
},
Added CVE-2020-26186
2021-01-08 13:44:06 -05:00
"references": {
"reference_data": [
{
"-Synchronized-Data."
2021-01-08 19:02:39 +00:00
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/en-us/000180645/dsa-2020-247-dell-client-platform-security-update-for-uefi-bios-runtimeservices-overwrite-vulnerability",
"name": "https://www.dell.com/support/kbdoc/en-us/000180645/dsa-2020-247-dell-client-platform-security-update-for-uefi-bios-runtimeservices-overwrite-vulnerability"
"-Synchronized-Data."
2020-09-30 21:01:32 +00:00
}
]
}
}
Reference in New Issue Copy Permalink