dell

optiplex_3280_aio_firmware

12 known vulnerabilities · sorted by CVSS score

CVE-2022-32489

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32488

HIGH8.2

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2021-36283

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / chengming_3990_firmware+84

Local

Published Sep 28, 2021

CVE-2022-32485

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32487

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2020-5362

HIGH7.1

Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.

dell / latitude_7414_rugged_firmware+353

Local

Published Jun 10, 2020

CVE-2022-32493

MEDIUM6.0

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2021-36285

MEDIUM5.7

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt mitigations in order to carry out a brute force attack.

dell / latitude_5310_2-in-1_firmware+20

Local

Published Sep 28, 2021

CVE-2021-36284

MEDIUM5.7

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mitigations in order to carry out a brute force attack.

dell / latitude_5310_2-in-1_firmware+20

Local

Published Sep 28, 2021

CVE-2022-32483

MEDIUM5.6

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32484

MEDIUM5.6

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32491

MEDIUM4.1

Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022