VYPR

PowerEdge Server BIOS

by Dell

CVEs (13)

  • CVE-2023-32460 | High | Dec 8, 2023
    risk 0.57 | cvss 8.8 | epss 0.00

    Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.

  • CVE-2021-21557 | High | Jun 14, 2021
    risk 0.53 | cvss 8.1 | epss 0.00

    Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information…

  • CVE-2024-0172 | High | Apr 3, 2024
    risk 0.51 | cvss 7.9 | epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.

  • CVE-2024-22453 | High | Mar 19, 2024
    risk 0.47 | cvss 7.2 | epss 0.00

    Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory.

  • CVE-2024-0161 | High | Mar 13, 2024
    risk 0.47 | cvss 7.2 | epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.

  • CVE-2023-25537 | Medium | May 22, 2023
    risk 0.40 | cvss 6.1 | epss 0.00

    Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM…

  • CVE-2021-21556 | Medium | Jun 14, 2021
    risk 0.40 | cvss 6.1 | epss 0.00

    Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to…

  • CVE-2022-22558 | Medium | Apr 21, 2022
    risk 0.37 | cvss 5.7 | epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of…

  • CVE-2024-0163 | Medium | Mar 13, 2024
    risk 0.34 | cvss 5.3 | epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources.

  • CVE-2024-0162 | Medium | Mar 13, 2024
    risk 0.34 | cvss 5.3 | epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM.

  • CVE-2024-25942 | Medium | Mar 19, 2024
    risk 0.29 | cvss 4.4 | epss 0.00

    Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.

  • CVE-2024-0173 | Low | Mar 13, 2024
    risk 0.25 | cvss 3.8 | epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.

  • CVE-2024-0154 | Low | Mar 13, 2024
    risk 0.25 | cvss 3.8 | epss 0.00

    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.