CVE-2020-5324

high-risk

Published 2020-02-21

Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.

Do I need to act?

0.10% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.1/10 High

LOCAL / LOW complexity

Affected Products (20)

G3 3579 Firmware

G3 3779 Firmware

G3 15 3590 Firmware

G5 15 5590 Firmware

G5 5090 Firmware

G5 5587 Firmware

G7 15 7590 Firmware

G7 17 7790 Firmware

G7 7588 Firmware

Inspiron 14 5490 Firmware

Inspiron 3480 Firmware

Inspiron 3481 Firmware

Inspiron 3490 Firmware

Inspiron 3493 Firmware

Inspiron 3580 Firmware

Inspiron 3581 Firmware

Inspiron 3583 Firmware

Inspiron 3584 Firmware

Inspiron 3590 Firmware

Inspiron 3593 Firmware

Affected Vendors

Dell

References (2)

Vendor Advisory https://www.dell.com/support/article/SLN320348

/ 100

high-risk

Severity 22/34 · High

Exploitability 0/34 · Minimal

Exposure 31/34 · Critical