VYPR

Precision BIOS

by Dell

CVEs (33)

  • CVE-2024-0161HigMar 13, 2024
    risk 0.47cvss 7.2epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.

  • CVE-2023-44297HigDec 5, 2023
    risk 0.46cvss 7.1epss 0.00

    Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code…

  • CVE-2023-25537MedMay 22, 2023
    risk 0.40cvss 6.1epss 0.00

    Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM…

  • CVE-2024-42424MedSep 10, 2024
    risk 0.34cvss 5.3epss 0.00

    Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

  • CVE-2024-0163MedMar 13, 2024
    risk 0.34cvss 5.3epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources.

  • CVE-2024-0162MedMar 13, 2024
    risk 0.34cvss 5.3epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM.

  • CVE-2023-32461MedSep 15, 2023
    risk 0.33cvss 5.0epss 0.00

    Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.  

  • CVE-2024-42425LowSep 10, 2024
    risk 0.25cvss 3.8epss 0.00

    Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

  • CVE-2024-0173LowMar 13, 2024
    risk 0.25cvss 3.8epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.

  • CVE-2024-0154LowMar 13, 2024
    risk 0.25cvss 3.8epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.

  • CVE-2022-34376LowFeb 10, 2023
    risk 0.25cvss 3.9epss 0.00

    Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM.

  • CVE-2023-44298LowDec 5, 2023
    risk 0.23cvss 3.6epss 0.00

    Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information tampering, code execution, denial of…

  • CVE-2022-34377LowFeb 10, 2023
    risk 0.12cvss 1.9epss 0.00

    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Page 2 of 2