vulnerability

Dell PowerEdge: CVE-2021-26402: DSA-2023-002: Dell PowerEdge Server Security Update for AMD Server Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:L/Au:S/C:N/I:C/A:C)	Jan 11, 2023	Jan 15, 2026	Jan 15, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:C/A:C)

Published

Jan 11, 2023

Added

Jan 15, 2026

Modified

Jan 15, 2026

Description

Insufficient bounds checking in ASP (AMD Secure Processor) firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability.

Solution

dell-poweredge-upgrade-latest

References

CVE-2021-26402
https://attackerkb.com/topics/CVE-2021-26402
URL-https://www.dell.com/support/kbdoc/en-us/000207371/dsa-2023-002-dell-poweredge-server-security-update-for-amd-server-vulnerabilities
CWE-787

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today