CVE-2013-3582

Dell Latitude and Precision BIOS - Buffer Overflow via Crafted RBU Packet Values

Title source: llm

Description

Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value.

References (5)

Core 5

Core References

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/912156

Various Sources x_refsource_misc

https://www.blackhat.com/us-13/archives.html#Butterworth

Exploit x_refsource_misc

https://media.blackhat.com/us-13/US-13-Butterworth-BIOS-Security-Slides.pdf

Exploit x_refsource_misc

https://media.blackhat.com/us-13/US-13-Butterworth-BIOS-Security-WP.pdf

US Government Resource x_refsource_confirm

http://www.kb.cert.org/vuls/id/BLUU-99HSLA

Scores

EPSS 0.0084

EPSS Percentile 75.0%

Details

CWE

CWE-119

Status published

Products (22)

dell/latitude_d530

dell/latitude_d531

dell/latitude_d630

dell/latitude_d631

dell/latitude_d830

dell/latitude_e4200

dell/latitude_e4300

dell/latitude_e5400

dell/latitude_e5500

dell/latitude_e6400

... and 12 more

Published Aug 28, 2013

Tracked Since Feb 18, 2026