CVE-2024-0158

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges

More information : https://www.dell.com/support/kbdoc/en-in/000220141/dsa-2024-030-security-update-for-dell-client-bios-for-an-improper-input-validation-vulnerability

Attack vector : LOCAL
Attack complexity : LOW
Privileges required : HIGH
User interaction : NONE
Confidentiality impact : HIGH
Integrity impact : HIGH
Base score : 6.7
Base severity : MEDIUM
Exploitability score : 0.8
Impact score : 5.9