DSA-2024-104: Security Update for Dell PowerEdge Server BIOS for an Improper SMM Communication Buffer Verification Vulnerability
Dell PowerEdge Server BIOS remediation is available for an Improper SMM communication buffer verification vulnerability that could be exploited by malicious users to compromise the affected system.
Summary:
Dell PowerEdge Server BIOS remediation is available for an Improper SMM communication buffer verification vulnerability that could be exploited by malicious users to compromise the
affected system.
...
Article Content
Impact
Medium
Details
Proprietary Code CVEs
Description
CVSS Base Score
CVSS Vector String
CVE-2024-25942
Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.
Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Workarounds and Mitigations
None
Acknowledgements
Dell would like to thank schur of BUPT, Dubhe Lab for reporting this issue.