Primary

Context

SEL BIOS Password Authentication Bypass Vulnerability

Vulnerability

Patched

A vulnerability exists in SEL BIOS packages prior to versions 1.3.49152.117 and 2.6.49152.98, allowing local attackers to bypass password authentication and alter password-protected BIOS settings. This is achieved by importing a BIOS settings file that lacks a password, exploiting the absence of proper validation.

Impact

Exploitation of this vulnerability allows for unauthorized changes to BIOS settings, potentially leading to broader system security risks.

Remediation

Users can update to SEL BIOS versions 1.3.49152.117 or 2.6.49152.98 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

5.0

exploitability

3.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

5.0

exploitability

3.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SEL BIOS Password Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

SEL-3350

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating