BIOS
by Dell
CVEs (114)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-34390 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| CVE-2022-32493 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Dell BIOS contains a Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| CVE-2022-32491 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM. |
| CVE-2022-32489 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| CVE-2022-32488 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| CVE-2022-32487 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| CVE-2022-32485 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| CVE-2022-32484 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2022-32483 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2022-32492 | | | 0.00 | — | 0.00 | | Oct 11, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| CVE-2022-32486 | | | 0.00 | — | 0.00 | | Oct 11, 2022 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| CVE-2022-31226 | | | 0.00 | — | 0.00 | | Sep 12, 2022 | Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system. |
| CVE-2022-31225 | | | 0.00 | — | 0.00 | | Sep 12, 2022 | Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures. |
| CVE-2022-31224 | | | 0.00 | — | 0.00 | | Sep 12, 2022 | Dell BIOS versions contain an Improper Protection Against Voltage and Clock Glitches vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by triggering a fault condition in order to change the behavior of the system. |
| CVE-2022-31223 | | | 0.00 | — | 0.00 | | Sep 12, 2022 | Dell BIOS versions contain an Improper Neutralization of Null Byte vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by sending unexpected null bytes in order to read memory on the system. |
| CVE-2022-31222 | | | 0.00 | — | 0.00 | | Sep 12, 2022 | Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by consuming excess memory in order to cause the application to crash. |
| CVE-2022-31221 | | | 0.00 | — | 0.00 | | Sep 12, 2022 | Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to access sensitive state information on the system. |
| CVE-2022-31220 | | | 0.00 | — | 0.00 | | Sep 12, 2022 | Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures. |
| CVE-2022-26861 | | | 0.00 | — | 0.00 | | Sep 6, 2022 | Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM. |
| CVE-2022-26860 | | | 0.00 | — | 0.00 | | Sep 6, 2022 | Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM. |