dell

xps_13_7390_2-in-1_firmware

44 known vulnerabilities · sorted by CVSS score

CVE-2022-32489

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

Page 1 of 3

CVE-2024-52541

HIGH8.2

Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

dell / alienware_m15_r6_firmware+391

Local

Published Feb 19, 2025

CVE-2022-32488

HIGH8.2

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32485

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32487

HIGH7.5

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2023-28075

MEDIUM6.9

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.

dell / alienware_m15_r7_firmware+244

Physical

Published Aug 16, 2023

CVE-2022-22566

MEDIUM6.9

Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

dell / alienware_area_51m_r1_firmware+215

Physical

Published Feb 9, 2022

CVE-2023-28063

MEDIUM6.7

Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

dell / optiplex_3000_micro_firmware+290

Local

Published Feb 6, 2024

CVE-2023-43078

MEDIUM6.7

Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service.

dell / intel_thunderbolt_controller_firmware_update_utility+367

Local

Published Aug 28, 2024

CVE-2022-32493

MEDIUM6.0

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32482

MEDIUM5.6

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

dell / alienware_m15_r6_firmware+188

Local

Published Feb 1, 2023

CVE-2022-32484

MEDIUM5.6

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2022-32483

MEDIUM5.6

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

dell / alienware_area_51m_r1_firmware+289

Local

Published Oct 12, 2022

CVE-2023-28061

MEDIUM5.1