Details of VAR-201508-0601

ID

VAR-201508-0601

CVE

CVE-2015-2890

TITLE

BIOS implementations fail to properly set UEFI write protections after waking from sleep mode

Trust: 0.8

sources: CERT/CC: VU#577140

DESCRIPTION

The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Workstation Client Solutions (CS) devices with model-dependent firmware before A21 does not enforce a BIOS_CNTL locking protection mechanism upon being woken from sleep, which allows local users to conduct EFI flash attacks by leveraging console access, a similar issue to CVE-2015-3692. Multiple BIOS implementations fail to properly set write protections after waking from sleep, leading to the possibility of an arbitrary BIOS image reflash. plural Dell Device firmware BIOS Implementation locks protection mechanism to wake from sleep BIOS_CNTL Is not processed, EFI There is a vulnerability that allows a flash attack to be executed. This vulnerability CVE-2015-3692 It is a similar problem. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. http://cwe.mitre.org/data/definitions/17.htmlBy using the access right to the console by a local user, EFI A flash attack may be performed. Dell Latitude and others are products of Dell. There are security vulnerabilities in the BIOS implementation of several Dell devices. The BIOS_CNTL lock protection mechanism was not enforced when the program resumed from sleep mode

Trust: 3.24

sources: NVD: CVE-2015-2890 // CERT/CC: VU#577140 // JVNDB: JVNDB-2015-003973 // CNVD: CNVD-2015-05153 // BID: 76128 // VULHUB: VHN-80851

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-05153

AFFECTED PRODUCTS

vendor:	dell	model:	bios	scope:	eq	version:	a13	Trust: 1.6
vendor:	dell	model:	bios	scope:	lte	version:	a15	Trust: 1.0
vendor:	dell	model:	bios	scope:	lte	version:	a11	Trust: 1.0
vendor:	dell	model:	bios	scope:	lte	version:	a12	Trust: 1.0
vendor:	dell	model:	bios	scope:	lte	version:	a20	Trust: 1.0
vendor:	dell	model:	bios	scope:	lte	version:	a17	Trust: 1.0
vendor:	dell	model:	bios	scope:	lte	version:	a14	Trust: 1.0
vendor:	dell	model:	bios	scope:	lte	version:	a18	Trust: 1.0
vendor:	dell	model:	bios	scope:	lte	version:	a10	Trust: 1.0
vendor:	american megatrends incorporated ami	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	dell computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	dell	model:	bios	scope:	lt	version:	a21	Trust: 0.8
vendor:	dell	model:	latitude e4310	scope:	lt	version:	(bios a14 )	Trust: 0.8
vendor:	dell	model:	latitude e5410	scope:	lt	version:	(bios a16 )	Trust: 0.8
vendor:	dell	model:	latitude e5420	scope:	lt	version:	(bios a14 )	Trust: 0.8
vendor:	dell	model:	latitude e5510	scope:	lt	version:	(bios a16 )	Trust: 0.8
vendor:	dell	model:	latitude e5520	scope:	lt	version:	(bios a14 )	Trust: 0.8
vendor:	dell	model:	latitude e6220	scope:	lt	version:	(bios a13 )	Trust: 0.8
vendor:	dell	model:	latitude e6320	scope:	lt	version:	(bios a19 )	Trust: 0.8
vendor:	dell	model:	latitude e6410 atg	scope:	lt	version:	(bios a16 )	Trust: 0.8
vendor:	dell	model:	latitude e6420 atg	scope:	lt	version:	(bios a21 )	Trust: 0.8
vendor:	dell	model:	latitude e6420 xfr	scope:	lt	version:	(bios a21 )	Trust: 0.8
vendor:	dell	model:	latitude e6510	scope:	lt	version:	(bios a16 )	Trust: 0.8
vendor:	dell	model:	latitude e6520	scope:	lt	version:	(bios a19 )	Trust: 0.8
vendor:	dell	model:	latitude xt3	scope:	lt	version:	(bios a13 )	Trust: 0.8
vendor:	dell	model:	optiplex 390	scope:	lt	version:	(bios a11 )	Trust: 0.8
vendor:	dell	model:	optiplex 790	scope:	lt	version:	(bios a18 )	Trust: 0.8
vendor:	dell	model:	optiplex 990	scope:	lt	version:	(bios a18 )	Trust: 0.8
vendor:	dell	model:	precision mobile workstation m4500	scope:	lt	version:	(bios a15 )	Trust: 0.8
vendor:	dell	model:	precision mobile workstation m4600	scope:	lt	version:	(bios a16 )	Trust: 0.8
vendor:	dell	model:	precision mobile workstation m6600	scope:	lt	version:	(bios a15 )	Trust: 0.8
vendor:	dell	model:	precision workstation t1600	scope:	lt	version:	(bios a16 )	Trust: 0.8
vendor:	dell	model:	precision workstation t3600	scope:	lt	version:	(bios a12 )	Trust: 0.8
vendor:	dell	model:	precision workstation t5600	scope:	lt	version:	(bios a12 )	Trust: 0.8
vendor:	dell	model:	precision workstation t5600 xl	scope:	lt	version:	(bios a12 )	Trust: 0.8
vendor:	dell	model:	precision workstation t7600	scope:	lt	version:	(bios a10 )	Trust: 0.8
vendor:	dell	model:	latitude	scope:	-	version:	-	Trust: 0.6
vendor:	dell	model:	optiplex	scope:	-	version:	-	Trust: 0.6
vendor:	dell	model:	precision mobile workstation	scope:	-	version:	-	Trust: 0.6
vendor:	dell	model:	precision workstation cs	scope:	-	version:	-	Trust: 0.6
vendor:	dell	model:	bios	scope:	eq	version:	a11	Trust: 0.6
vendor:	dell	model:	bios	scope:	eq	version:	a18	Trust: 0.6
vendor:	dell	model:	bios	scope:	eq	version:	a15	Trust: 0.6
vendor:	dell	model:	bios	scope:	eq	version:	a10	Trust: 0.6
vendor:	dell	model:	bios	scope:	eq	version:	a17	Trust: 0.6
vendor:	dell	model:	bios	scope:	eq	version:	a20	Trust: 0.6
vendor:	dell	model:	bios	scope:	eq	version:	a14	Trust: 0.6
vendor:	dell	model:	bios	scope:	eq	version:	a12	Trust: 0.6
vendor:	dell	model:	precision workstation t7600 a10	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	precision workstation t5600 xl a12	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	precision workstation t5600 a12	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	precision workstation t3600 a12	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	precision workstation t1600 a16	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	precision mobile workstation m6600 a15	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	precision mobile workstation m4600 a16	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	precision mobile workstation m4500 a15	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	optiplex a18	scope:	eq	version:	990	Trust: 0.3
vendor:	dell	model:	optiplex a18	scope:	eq	version:	790	Trust: 0.3
vendor:	dell	model:	optiplex a11	scope:	eq	version:	390	Trust: 0.3
vendor:	dell	model:	latitude xt3 a13	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e6520 a19	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e6510 a16	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e6420 xfr a21	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e6420 a21	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e6410 a16	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e6320 a19	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e6220 a13	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e5520 a14	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e5510 a16	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e5420 a14	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e5410 a16	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude e4310 a14	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude atg a21	scope:	-	version:	-	Trust: 0.3
vendor:	dell	model:	latitude atg a16	scope:	-	version:	-	Trust: 0.3

sources: CERT/CC: VU#577140 // CNVD: CNVD-2015-05153 // BID: 76128 // JVNDB: JVNDB-2015-003973 // CNNVD: CNNVD-201507-844 // NVD: CVE-2015-2890

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-2890
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-2890
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2015-05153
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201507-844
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-80851
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-2890
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-05153
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.1
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-80851
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2015-2890
baseSeverity:	MEDIUM
baseScore:	6.0
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.2
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2015-05153 // VULHUB: VHN-80851 // JVNDB: JVNDB-2015-003973 // CNNVD: CNNVD-201507-844 // NVD: CVE-2015-2890

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8
problemtype:	CWE-17	Trust: 0.1

sources: VULHUB: VHN-80851 // JVNDB: JVNDB-2015-003973 // NVD: CVE-2015-2890

THREAT TYPE

local

Trust: 0.9

sources: BID: 76128 // CNNVD: CNNVD-201507-844

TYPE

Design Error

Trust: 0.3

sources: BID: 76128

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003973

PATCH

title:

Top Page

url:

http://www.dell.com/

Trust: 0.8

sources: JVNDB: JVNDB-2015-003973

EXTERNAL IDS

db:	CERT/CC	id:	VU#577140	Trust: 4.2
db:	NVD	id:	CVE-2015-2890	Trust: 3.4
db:	BID	id:	76128	Trust: 1.0
db:	JVN	id:	JVNVU99464019	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-003973	Trust: 0.8
db:	CNNVD	id:	CNNVD-201507-844	Trust: 0.7
db:	CNVD	id:	CNVD-2015-05153	Trust: 0.6
db:	VULHUB	id:	VHN-80851	Trust: 0.1

sources: CERT/CC: VU#577140 // CNVD: CNVD-2015-05153 // VULHUB: VHN-80851 // BID: 76128 // JVNDB: JVNDB-2015-003973 // CNNVD: CNNVD-201507-844 // NVD: CVE-2015-2890

REFERENCES

url:	http://www.kb.cert.org/vuls/id/577140	Trust: 3.4
url:	http://www.kb.cert.org/vuls/id/bluu-9xxq9l	Trust: 2.8
url:	https://reverse.put.as/2015/05/29/the-empire-strikes-back-apple-how-your-mac-firmware-security-is-completely-broken/	Trust: 0.8
url:	https://support.apple.com/en-us/ht204934	Trust: 0.8
url:	http://support.dell.com/	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2890	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu99464019	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2890	Trust: 0.8
url:	http://dell.com	Trust: 0.3

sources: CERT/CC: VU#577140 // CNVD: CNVD-2015-05153 // VULHUB: VHN-80851 // BID: 76128 // JVNDB: JVNDB-2015-003973 // CNNVD: CNNVD-201507-844 // NVD: CVE-2015-2890

CREDITS

Sam Cornwell, John Butterworth, Xeno Kovah, and Corey Kallenberg

Trust: 0.3

sources: BID: 76128

SOURCES

db:	CERT/CC	id:	VU#577140
db:	CNVD	id:	CNVD-2015-05153
db:	VULHUB	id:	VHN-80851
db:	BID	id:	76128
db:	JVNDB	id:	JVNDB-2015-003973
db:	CNNVD	id:	CNNVD-201507-844
db:	NVD	id:	CVE-2015-2890

LAST UPDATE DATE

2024-11-23T21:59:29.541000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#577140	date:	2015-08-12T00:00:00
db:	CNVD	id:	CNVD-2015-05153	date:	2015-08-10T00:00:00
db:	VULHUB	id:	VHN-80851	date:	2019-09-27T00:00:00
db:	BID	id:	76128	date:	2015-07-30T00:00:00
db:	JVNDB	id:	JVNDB-2015-003973	date:	2015-08-04T00:00:00
db:	CNNVD	id:	CNNVD-201507-844	date:	2019-09-30T00:00:00
db:	NVD	id:	CVE-2015-2890	date:	2024-11-21T02:28:16.517

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#577140	date:	2015-07-30T00:00:00
db:	CNVD	id:	CNVD-2015-05153	date:	2015-08-10T00:00:00
db:	VULHUB	id:	VHN-80851	date:	2015-08-01T00:00:00
db:	BID	id:	76128	date:	2015-07-30T00:00:00
db:	JVNDB	id:	JVNDB-2015-003973	date:	2015-08-04T00:00:00
db:	CNNVD	id:	CNNVD-201507-844	date:	2015-07-31T00:00:00
db:	NVD	id:	CVE-2015-2890	date:	2015-08-01T01:59:13.943