dell

g7_7700_firmware

11 known vulnerabilities · sorted by CVSS score

CVE-2021-21573

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

dell / alienware_m15_r6_firmware+127

Local

Published Jun 24, 2021

CVE-2021-21574

HIGH7.2

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

dell / alienware_m15_r6_firmware+127

Local

Published Jun 24, 2021

CVE-2021-21572

HIGH7.2

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

dell / alienware_m15_r6_firmware+127

Local

Published Jun 24, 2021

CVE-2022-22566

MEDIUM6.9

Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

dell / alienware_area_51m_r1_firmware+215

Physical

Published Feb 9, 2022

CVE-2024-0160

MEDIUM6.8

Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS.

dell / xps_17_9700_firmware+14

Physical

Published Jun 12, 2024

CVE-2023-43078

MEDIUM6.7

Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service.

dell / intel_thunderbolt_controller_firmware_update_utility+367

Local

Published Aug 28, 2024

CVE-2021-21571

MEDIUM5.9

Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a denial of service and payload tampering.

dell / alienware_m15_r6_firmware+127

Network

Published Jun 24, 2021

CVE-2024-0158

MEDIUM5.1

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges

dell / alienware_m15_r6_firmware+387

Local

Published Jul 2, 2024

CVE-2024-28970

MEDIUM4.7

Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service.

dell / vostro_5502_firmware+13

Local

Published Jun 12, 2024

CVE-2024-22448

MEDIUM4.7

Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

dell / alienware_m15_r6_firmware+267

Local

Published Apr 10, 2024

CVE-2022-22567

MEDIUM4.7

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.

dell / alienware_area_51m_r1_firmware+215

Local

Published Feb 9, 2022