dell

latitude_7414_rugged_extreme_firmware

42 known vulnerabilities · sorted by CVSS score

CVE-2022-32488

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

Page 1 of 3

CVE-2022-32489

HIGH8.2

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-26861

HIGH7.9

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.

dell / alienware_m15_r6_firmware+399

Local

Published Sep 6, 2022

CVE-2022-34398

HIGH7.5

Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system.

dell / alienware_area_51m_r1_firmware+241

Local

Published Feb 1, 2023

CVE-2022-32485

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2021-36343

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / precision_5820_tower_firmware+414

Local

Published Jan 24, 2022

CVE-2021-36342

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / precision_7510_firmware+414

Local

Published Jan 24, 2022

CVE-2022-32487

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-26860

HIGH7.5

Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.

dell / alienware_m15_r6_firmware+399

Local

Published Sep 6, 2022

CVE-2022-26859

MEDIUM6.1

Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.

dell / alienware_m15_r6_firmware+399

Local

Published Sep 6, 2022

CVE-2022-26858

MEDIUM6.1

Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.

dell / alienware_m15_r6_firmware+399

Local

Published Sep 6, 2022

CVE-2022-32493

MEDIUM6.0

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32484

MEDIUM5.6

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32483

MEDIUM5.6

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2023-28042

MEDIUM5.1