BIOS
by Dell
CVEs (117)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-34393 | Hig | 0.49 | 7.5 | 0.00 | Jan 18, 2023 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2022-32490 | Hig | 0.49 | 7.5 | 0.00 | Jan 18, 2023 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2022-34391 | Hig | 0.49 | 7.5 | 0.00 | Oct 12, 2022 | Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2022-34390 | Hig | 0.49 | 7.5 | 0.00 | Oct 12, 2022 | Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2022-32487 | Hig | 0.49 | 7.5 | 0.00 | Oct 12, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2022-32485 | Hig | 0.49 | 7.5 | 0.00 | Oct 12, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2022-32492 | Hig | 0.49 | 7.5 | 0.00 | Oct 11, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2022-32486 | Hig | 0.49 | 7.5 | 0.00 | Oct 11, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2022-26860 | Hig | 0.49 | 7.5 | 0.00 | Sep 6, 2022 | Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM. | ||
| CVE-2022-24418 | Hig | 0.49 | 7.5 | 0.00 | May 26, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | ||
| CVE-2022-24417 | Hig | 0.49 | 7.5 | 0.00 | May 26, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | ||
| CVE-2021-36343 | Hig | 0.49 | 7.5 | 0.00 | Jan 24, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2021-36342 | Hig | 0.49 | 7.5 | 0.00 | Jan 24, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2021-36325 | Hig | 0.49 | 7.5 | 0.00 | Nov 12, 2021 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2021-36324 | Hig | 0.49 | 7.5 | 0.00 | Nov 12, 2021 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2021-36323 | Hig | 0.49 | 7.5 | 0.00 | Nov 12, 2021 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2021-36283 | Hig | 0.49 | 7.5 | 0.00 | Sep 28, 2021 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||
| CVE-2023-43088 | Hig | 0.47 | 7.2 | 0.00 | Dec 22, 2023 | Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device. | ||
| CVE-2022-34400 | Hig | 0.46 | 7.1 | 0.00 | Feb 1, 2023 | Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM. | ||
| CVE-2022-31226 | Hig | 0.46 | 7.1 | 0.00 | Sep 12, 2022 | Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system. |
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.49cvss 7.5epss 0.00
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- risk 0.47cvss 7.2epss 0.00
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.
- risk 0.46cvss 7.1epss 0.00
Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.
- risk 0.46cvss 7.1epss 0.00
Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.
Page 2 of 6