Vulnerability Description
Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Pre-Boot Authentication Driver | 1.0.1.5 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/134987/Dell-Authentication-Driver-UncontrolExploit
- http://seclists.org/fulldisclosure/2015/Dec/81Exploit
- http://www.securityfocus.com/archive/1/537161/100/0/threaded
- http://www.securityfocus.com/bid/79643
- https://www.korelogic.com/Resources/Advisories/KL-001-2015-008.txtExploit
- http://packetstormsecurity.com/files/134987/Dell-Authentication-Driver-UncontrolExploit
- http://seclists.org/fulldisclosure/2015/Dec/81Exploit
- http://www.securityfocus.com/archive/1/537161/100/0/threaded
- http://www.securityfocus.com/bid/79643
- https://www.korelogic.com/Resources/Advisories/KL-001-2015-008.txtExploit
FAQ
What is CVE-2015-6856?
CVE-2015-6856 is a vulnerability with a CVSS score of 7.8 (HIGH). Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call.
How severe is CVE-2015-6856?
CVE-2015-6856 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-6856?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Pre-Boot Authentication Driver.