dell

inspiron_7500_2-in-1_firmware

10 known vulnerabilities · sorted by CVSS score

CVE-2022-26861

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.

dell / alienware_m15_r6_firmware+399

Local

Published Sep 6, 2022

CVE-2021-36343

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / precision_5820_tower_firmware+414

Local

Published Jan 24, 2022

CVE-2022-26860

HIGH7.5

Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.

dell / alienware_m15_r6_firmware+399

Local

Published Sep 6, 2022

CVE-2021-36342

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / precision_7510_firmware+414

Local

Published Jan 24, 2022

CVE-2021-21572

HIGH7.2

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

dell / alienware_m15_r6_firmware+127

Local

Published Jun 24, 2021

CVE-2021-21574

HIGH7.2

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

dell / alienware_m15_r6_firmware+127

Local

Published Jun 24, 2021

CVE-2021-21573

HIGH7.2

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

dell / alienware_m15_r6_firmware+127

Local

Published Jun 24, 2021

CVE-2022-26859

MEDIUM6.1

Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.

dell / alienware_m15_r6_firmware+399

Local

Published Sep 6, 2022

CVE-2022-26858

MEDIUM6.1

Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.

dell / alienware_m15_r6_firmware+399

Local

Published Sep 6, 2022

CVE-2021-21571

MEDIUM5.9

Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a denial of service and payload tampering.

dell / alienware_m15_r6_firmware+127

Network

Published Jun 24, 2021