vulnerability

Dell PowerEdge: CVE-2021-39298: DSA-2023-002: Dell PowerEdge Server Security Update for AMD Server Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Jan 11, 2023	Jan 15, 2026	Jan 15, 2026

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Jan 11, 2023

Added

Jan 15, 2026

Modified

Jan 15, 2026

Description

A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.

Solution

dell-poweredge-upgrade-latest

References

CVE-2021-39298
https://attackerkb.com/topics/CVE-2021-39298
URL-https://www.dell.com/support/kbdoc/en-us/000207371/dsa-2023-002-dell-poweredge-server-security-update-for-amd-server-vulnerabilities

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today