Dell Client Platform update for INSYDE UEFI BIOS

1) Buffer overflow

EUVDB-ID: #VU56490

Risk: Medium

CVSSv4.0: 5.2 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-38575

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the IScsiHexToBin() function in NetworkPkg/IScsiDxe. A remote attacker with ability to inject data into communication between edk2 and the iSCSI target can execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Vostro 5625: before 1.12.1

Vostro 5515: before 1.18.1

Vostro 5415: before 1.18.1

Vostro 3525: before 1.13.0

Vostro 3515: before 1.15.1

Vostro 3425: before 1.13.0

Vostro 3405: before 1.15.1

Vostro 16 5635: before 1.6.1

Vostro 15 3535: before 1.6.0

Vostro 14 3435: before 1.6.0

Inspiron 7415 2-in-1: before 1.18.1

Inspiron 7405 2-in-1: before 1.14.2

Inspiron 5515: before 1.18.1

Inspiron 5505: before 1.13.2

Inspiron 5425: before 1.12.1

Inspiron 5415: before 1.15.0

Inspiron 5405: before 1.13.2

Inspiron 3785: before 1.15.0

Inspiron 3585: before 1.15.0

Inspiron 3515: before 1.15.1

Inspiron 3505: before 1.15.1

Inspiron 16 7635 2-in-1: before 1.6.1

Inspiron 16 5635: before 1.6.1

Inspiron 15 3535: before 1.6.0

Inspiron 15 3525: before 1.13.0

Inspiron 14 7435 2-in-1: before 1.6.1

Inspiron 14 7425 2-in-1: before 1.12.1

Inspiron 14 5435: before 1.6.1

Dell G5 5505: before 1.17.2

Dell G15 5525: before 1.11.1

Dell G15 5515: before 1.14.0

Alienware m17 R5 AMD: before 1.11.1

Alienware m15 Ryzen Edition R5: before 1.15.0

Alienware m15 R7 AMD: before 1.11.1

CPE2.3

• cpe:2.3:h:dell:vostro_5625:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:vostro_5515:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:vostro_5415:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:vostro_3525:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:vostro_3515:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:vostro_3425:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:vostro_3405:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:vostro_16_5635:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:vostro_15_3535:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:vostro_14_3435:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_7415_2-in-1:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_7405_2-in-1:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_5515:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_5505:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_5425:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_5415:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_5405:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_3785:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_3585:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_3515:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_3505:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_16_7635_2-in-1:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_16_5635:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_15_3535:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_15_3525:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_14_7435_2-in-1:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_14_7425_2-in-1:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:inspiron_14_5435:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:dell_g5_5505:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:dell_g15_5525:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:dell_g15_5515:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:alienware_m17_r5_amd:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:alienware_m15_ryzen_edition_r5:*:*:*:*:*:*:*:*
• cpe:2.3:h:dell:alienware_m15_r7_amd:*:*:*:*:*:*:*:*

External links

https://www.dell.com/support/kbdoc/nl-nl/000217230/dsa-2023-322-security-update-for-a-dell-client-platform-insyde-uefi-bios-vulnerability

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.