VYPR

BIOS

by Dell

CVEs (117)

  • CVE-2023-28073HigJun 23, 2023
    risk 0.53cvss 8.2epss 0.00

    Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system.

  • CVE-2022-32489HigOct 12, 2022
    risk 0.53cvss 8.2epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

  • CVE-2022-32488HigOct 12, 2022
    risk 0.53cvss 8.2epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

  • CVE-2022-24421HigMar 11, 2022
    risk 0.53cvss 8.2epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24420HigMar 11, 2022
    risk 0.53cvss 8.2epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24419HigMar 11, 2022
    risk 0.53cvss 8.2epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24416HigMar 11, 2022
    risk 0.53cvss 8.2epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2022-24415HigMar 11, 2022
    risk 0.53cvss 8.2epss 0.00

    Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

  • CVE-2021-21522HigSep 28, 2021
    risk 0.53cvss 8.2epss 0.00

    Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.

  • CVE-2022-26861HigSep 6, 2022
    risk 0.51cvss 7.9epss 0.00

    Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.

  • CVE-2024-32860HigJun 13, 2024
    risk 0.49cvss 7.5epss 0.00

    Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

  • CVE-2024-32859HigJun 13, 2024
    risk 0.49cvss 7.5epss 0.00

    Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

  • CVE-2024-32858HigJun 13, 2024
    risk 0.49cvss 7.5epss 0.00

    Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

  • CVE-2023-32475HigJun 7, 2024
    risk 0.49cvss 7.6epss 0.00

    Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.

  • CVE-2024-22429HigMay 17, 2024
    risk 0.49cvss 7.5epss 0.00

    Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.

  • CVE-2023-24571HigMar 16, 2023
    risk 0.49cvss 7.5epss 0.00

    Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

  • CVE-2022-34403HigFeb 1, 2023
    risk 0.49cvss 7.5epss 0.00

    Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.

  • CVE-2022-34398HigFeb 1, 2023
    risk 0.49cvss 7.5epss 0.00

    Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system.

  • CVE-2022-34460HigJan 18, 2023
    risk 0.49cvss 7.5epss 0.00

    Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

  • CVE-2022-34401HigJan 18, 2023
    risk 0.49cvss 7.5epss 0.00

    Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.

Page 1 of 6