ByteOS Network

Type	CWE ID	Description
CWE	CWE-20	CWE-20: Improper Input Validation

Version	Base score	Base severity	Vector
3.1	7.5	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Hyperlink	Resource
https://www.dell.com/support/kbdoc/000202772	N/A

Hyperlink	Resource
https://www.dell.com/support/kbdoc/000202772	x_transferred

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Secondary	3.1	7.5	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE ID	Type	Source
CWE-20	Primary	nvd@nist.gov
CWE-20	Secondary	security_alert@emc.com

Hyperlink	Source	Resource
https://www.dell.com/support/kbdoc/000202772	security_alert@emc.com	Vendor Advisory

CVE-2021-36343

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.85%

||

7 Day CHG~0.00%

Published-24 Jan, 2022 | 20:10

Updated-16 Sep, 2024 | 16:44

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36324

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.85%

||

7 Day CHG~0.00%

Published-12 Nov, 2021 | 22:15

Updated-16 Sep, 2024 | 18:13

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36323

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.85%

||

7 Day CHG~0.00%

Published-12 Nov, 2021 | 22:15

Updated-17 Sep, 2024 | 02:02

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36283

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.85%

||

7 Day CHG~0.00%

Published-28 Sep, 2021 | 19:20

Updated-16 Sep, 2024 | 16:58

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36325

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.85%

||

7 Day CHG~0.00%

Published-12 Nov, 2021 | 22:15

Updated-16 Sep, 2024 | 20:31

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-34460

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 3.45%

||

7 Day CHG~0.00%

Published-18 Jan, 2023 | 05:25

Updated-03 Apr, 2025 | 19:38

Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-34393

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 4.52%

||

7 Day CHG~0.00%

Published-18 Jan, 2023 | 05:19

Updated-03 Apr, 2025 | 19:38

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-32492

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 4.26%

||

7 Day CHG~0.00%

Published-11 Oct, 2022 | 16:40

Updated-16 May, 2025 | 13:48

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

Product-precision_7820_tower bios precision_5820_tower precision_7920_tower CPG BIOS

CWE ID-CWE-20

Improper Input Validation

CVE-2022-32490

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 3.45%

||

7 Day CHG~0.00%

Published-18 Jan, 2023 | 05:59

Updated-03 Apr, 2025 | 19:43

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

Product-edge_gateway_3000_firmware embedded_box_pc_3000_firmware edge_gateway_5000_firmware embedded_box_pc_3000 edge_gateway_3000 edge_gateway_5000 BIOS

CWE ID-CWE-20

Improper Input Validation

CVE-2024-47238

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 7.83%

||

7 Day CHG~0.00%

Published-12 Dec, 2024 | 17:38

Updated-04 Feb, 2025 | 15:52

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

Vendor-Dell Inc.

Product-edge_gateway_3000 embedded_box_pc_3000_firmware edge_gateway_3003 edge_gateway_5100_firmware edge_gateway_5100 embedded_box_pc_3000 edge_gateway_3002_firmware edge_gateway_3003_firmware edge_gateway_3002 edge_gateway_3001_firmware edge_gateway_3200_firmware edge_gateway_3001 edge_gateway_3000_firmware edge_gateway_5000_firmware edge_gateway_3200 edge_gateway_5000 Dell Client Platform BIOS

CWE ID-CWE-20

Improper Input Validation

CVE-2022-24417

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.05% / 14.25%

||

7 Day CHG~0.00%

Published-26 May, 2022 | 15:20

Updated-16 Sep, 2024 | 20:27

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-24571

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 4.77%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 09:55

Updated-26 Feb, 2025 | 18:59

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

Vendor-Dell Inc.

Product-embedded_box_pc_3000_firmware embedded_box_pc_3000 Embedded Box PC 3000 , CPG BIOS

CWE ID-CWE-20

Improper Input Validation

CVE-2022-24418

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.05% / 14.25%

||

7 Day CHG~0.00%

Published-26 May, 2022 | 15:20

Updated-17 Sep, 2024 | 02:27

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2023-32469

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.19%

||

7 Day CHG~0.00%

Published-16 Nov, 2023 | 08:14

Updated-02 Aug, 2024 | 15:18

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.

Vendor-Dell Inc.

Product-precision_5820_firmware precision_7820 precision_7920_firmware precision_7820_firmware precision_7920 precision_5820 Dell Precision 5820 Tower, Dell Precision 7820 Tower, Dell Precision 7920 Tower

CWE ID-CWE-20

Improper Input Validation

CVE-2021-36342

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.85%

||

7 Day CHG~0.00%

Published-24 Jan, 2022 | 20:10

Updated-16 Sep, 2024 | 18:34

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-20

Improper Input Validation

CVE-2024-32859

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.10%

||

7 Day CHG~0.00%

Published-13 Jun, 2024 | 12:39

Updated-19 Sep, 2024 | 16:24

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2024-32858

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.10%

||

7 Day CHG~0.00%

Published-13 Jun, 2024 | 12:48

Updated-24 Sep, 2024 | 17:45

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2024-28976

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-0.04% / 12.35%

||

7 Day CHG~0.00%

Published-24 Apr, 2024 | 08:01

Updated-21 Jan, 2025 | 18:50

Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized write access to the files stored on the server filesystem with the privileges of the running web application.

Vendor-Dell Inc.

Product-repository_manager Dell Repository Manager (DRM) repository_manager

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2024-22429

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.05% / 14.25%

||

7 Day CHG~0.00%

Published-17 May, 2024 | 15:20

Updated-30 Jan, 2025 | 15:48

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-32485

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.06% / 17.44%

||

7 Day CHG~0.00%

Published-12 Oct, 2022 | 19:25

Updated-16 May, 2025 | 13:45

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-32487

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 4.26%

||

7 Day CHG~0.00%

Published-12 Oct, 2022 | 19:25

Updated-15 May, 2025 | 17:48

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2024-32860

Matching Score-10

Assigner-Dell

View Details

Matching Score-10

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.10%

||

7 Day CHG~0.00%

Published-13 Jun, 2024 | 13:00

Updated-16 Aug, 2024 | 16:46

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Vendor-Dell Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2024-0162

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-5.3||MEDIUM

EPSS-0.07% / 23.05%

||

7 Day CHG~0.00%

Published-13 Mar, 2024 | 16:18

Updated-04 Feb, 2025 | 17:30

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-36276

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-0.04% / 11.35%

||

7 Day CHG~0.00%

Published-09 Aug, 2021 | 21:05

Updated-17 Sep, 2024 | 02:42

Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

Vendor-Dell Inc.

Product-dbutildrv2.sys_firmware dbutil

CWE ID-CWE-285

Improper Authorization

CVE-2025-30105

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-0.01% / 1.78%

||

7 Day CHG~0.00%

Published-30 Jul, 2025 | 17:50

Updated-05 Aug, 2025 | 03:56

Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Vendor-Dell Inc.

Product-XtremIO

CWE ID-CWE-532

Insertion of Sensitive Information into Log File

CVE-2025-26332

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-0.01% / 1.78%

||

7 Day CHG~0.00%

Published-30 Jul, 2025 | 17:55

Updated-05 Aug, 2025 | 03:56

TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Vendor-Dell Inc.

Product-TechAdvisor

CWE ID-CWE-532

Insertion of Sensitive Information into Log File

CVE-2025-25215

Matching Score-8

Assigner-Talos

View Details

Matching Score-8

Assigner-Talos

CVSS Score-8.8||HIGH

EPSS-0.03% / 5.51%

||

7 Day CHG~0.00%

Published-13 Jun, 2025 | 21:26

Updated-17 Jun, 2025 | 18:13

Dell ControlVault3/ControlVault3 Plus cv_close arbitrary free vulnerability

An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability.

Vendor-Broadcom Inc.Dell Inc.

Product-ControlVault3 ControlVault3 Plus BCM5820X

CWE ID-CWE-763

Release of Invalid Pointer or Reference

CVE-2025-25050

Matching Score-8

Assigner-Talos

View Details

Matching Score-8

Assigner-Talos

CVSS Score-8.8||HIGH

EPSS-0.02% / 3.36%

||

7 Day CHG~0.00%

Published-13 Jun, 2025 | 21:03

Updated-17 Jun, 2025 | 15:18

Dell ControlVault3/ControlVault3 Plus cv_upgrade_sensor_firmware out-of-bounds write vulnerability

An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an out-of-bounds write. An attacker can issue an API call to trigger this vulnerability.

Vendor-Dell Inc.Broadcom Inc.

Product-ControlVault3 ControlVault3 Plus BCM5820X

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-24922

Matching Score-8

Assigner-Talos

View Details

Matching Score-8

Assigner-Talos

CVSS Score-8.8||HIGH

EPSS-0.02% / 3.61%

||

7 Day CHG~0.00%

Published-13 Jun, 2025 | 20:51

Updated-17 Jun, 2025 | 03:55

Dell ControlVault3/ControlVault3 Plus securebio_identify stack-based buffer overflow vulnerability

A stack-based buffer overflow vulnerability exists in the securebio_identify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted malicious cv_object can lead to a arbitrary code execution. An attacker can issue an API call to trigger this vulnerability.

Vendor-Dell Inc.Broadcom Inc.

Product-BCM5820X ControlVault3 Plus ControlVault3

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2021-21572

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.2||HIGH

EPSS-0.04% / 9.93%

||

7 Day CHG~0.00%

Published-24 Jun, 2021 | 17:00

Updated-16 Sep, 2024 | 19:30

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

Vendor-Dell Inc.

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-21551

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-65.23% / 98.41%

||

7 Day CHG-2.21%

Published-04 May, 2021 | 15:15

Updated-30 Jul, 2025 | 01:38

Known KEV||Action Due Date - 2022-04-21||Apply updates per vendor instructions.

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

Vendor-Dell Inc.

Product-inspiron_5521 inspiron_7706_2-in-1 latitude_5520 vostro_5391 precision_5720_aio optiplex_7770_aio precision_5820_xl_tower latitude_3440 vostro_14_3458 latitude_5495 latitude_5401 latitude_e7440 xps_13_9360 inspiron_3157 optiplex_3046 latitude_12_rugged_tablet_7212 inspiron_5520 vostro_3591 inspiron_3880 vostro_3900 optiplex_7440_aio latitude_e5540 latitude_14_rugged_extreme_7414 precision_3560 precision_3420_tower wyse_5070 precision_3520 inspiron_5584 inspiron_1545 chengming_3990 latitude_e7270_wyse_tc vostro_3584 latitude_7390_2-in-1 inspiron_3168 latitude_3480 latitude_7380 inspiron_5590 vostro_260 inspiron_one_19 inspiron_7501 optiplex_7060 latitude_3310_2-in-1 latitude_3310 latitude_7400 precision_3540 vostro_14_5471 inspiron_7359 inspiron_5548 latitude_rugged_5420 inspiron_5482 alienware_asm100r2 inspiron_7391_2-in-1 latitude_12_rugged_extreme_7214 precision_m6600 vostro_5490 inspiron_5490_aio latitude_3490 inspiron_3581 precision_t7610 vostro_3800 thunderbolt_dock_tb18dc vostro_3560 precision_3550 latitude_3160 optiplex_3090_ultra latitude_e6540 inspiron_15-3552 latitude_5420 latitude_7320 inspiron_3670 xps_15_9560 inspiron_7500_2-in-1_silver inspiron_7390 optiplex_5270_aio optiplex_7460_all-in-one latitude_7290 precision_t5600 vostro_270s inspiron_5406_2-in-1 inspiron_5391 inspiron_3790 inspiron_3520 latitude_3120 inspiron_3590 inspiron_5737 latitude_e5420 xps_8700 optiplex_5250_all-in-one vostro_5390 latitude_e5570 vostro_3900g precision_3530 latitude_e5270 inspiron_5443 inspiron_7591 optiplex_7080 latitude_3560 latitude_5491 vostro_3400 optiplex_7040 dbutil precision_7520 latitude_7420 vostro_1550 inspiron_5409 inspiron_15_gaming_7566 latitude_xt3 g7_7790 vostro_15_7570 latitude_rugged_extreme_tablet_7220 latitude_3301 latitude_3410 inspiron_2330 optiplex_7071 inspiron_14_5468 inspiron_24-5475 inspiron_5481_2-in-1 precision_t7910 vostro_5480 inspiron_5498 vostro_3010 inspiron_3656 precision_t5810 inspiron_620 xps_9530 latitude_5490 vostro_7590 optiplex_5050 latitude_3470 latitude_7200_2-in-1 latitude_3480_mobile_thin_client vostro_3501 xps_8940 optiplex_fx130 precision_7920_tower g3_3500 precision_m4600 vostro_20_3052 optiplex_3011_aio optiplex latitude_e6530 latitude_e6440 vostro_3590 xps_17_9700 canvas_27 latitude_3300 precision_7550 inspiron_3252 optiplex_7760_aio inspiron_3501 latitude_3390 precision_t3500 inspiron_7537 vostro_3901 inspiron_24-3452 xps_12_9250 xps_13_9380 inspiron_7300 vostro_5301 vostro_5401 optiplex_9020 precision_7530 latitude_7285 inspiron_7490 inspiron_7548 latitude_e5470 inspiron_17_5767 chengming_3980 precision_7710 inspiron_5509 alienware_m14xr2 vostro_3481 xps_9550 latitude_5591 latitude_3330 inspiron_3481 xps_13_9305 inspiron_3780 vostro_3669 inspiron_14_gaming_7466 inspiron_5537 latitude_e6330 optiplex_3280_aio precision_3551 xps_8900 latitude_e5430 inspiron_5598 latitude_7400_2in1 vostro_3881 optiplex_7450_all-in-one inspiron_7506_2-in-1 precision_3930_xl_rack latitude_rugged_7424 inspiron_5493 inspiron_7558 latitude_5510 inspiron_5448 xps_13_9310_2-in-1 inspiron_7737 vostro_3470 inspiron_3881 vostro_7500 inspiron_5400_aio inspiron_3793 wyse_5470 vostro_3580 optiplex_5040 precision_3541 precision_5530_2-in-1 inspiron_5323 inspiron_580s precision_5510 inspiron_15_7572 inspiron_5423 precision_3510 inspiron_7437 vostro_230 vostro_2521 xps_9350 inspiron_3043 inspiron_5400_2-in-1 latitude_3500 g7_7590 latitude_e6230 inspiron_7500_2-in-1_black inspiron_15-5559 latitude_3190_2-in-1 chengming_3991 inspiron_3443 vostro_5890 g7_7700 precision_m6700 xps_13_7390_2-in-1 inspiron_3471 inspiron_17-5759 latitude_5288 latitude_3510 xps_15_9575_2-in-1 optiplex_5055 optiplex_3080 inspiron_3437 inspiron_7590_2-in-1 precision_t7810 optiplex_3030_aio wyse_7040_thin_client latitude_3450 precision_3620_tower inspiron_14_gaming_7467 inspiron_15z inspiron_5408 inspiron_20-3052 latitude_e7470 xps_13_9300 inspiron_3480 optiplex_xe3 latitude_3460_wyse_tc latitude_5300_2-in-1 vostro_3500 alienware_m15_r4 inspiron_7380 inspiron_3543 precision_3930_rack inspiron_14-5459 inspiron_5543 g3_3579 inspiron_7720 optiplex_5480_aio vostro_15_3561 vostro_3668 embedded_box_pc_5000 vostro_5581 precision_5550 vostro_5402 xps_13_9370 latitude_5280 latitude_5175 vostro_5880 vostro_5590 latitude_3150 latitude_5480 xps_13_9343 vostro_3267 xps_13_9365_2-in-1 latitude_7370 vostro_13_5370 inspiron_3580 vostro_3905 precision_t1700 g5_5090 inspiron_5583 latitude_e6220 dock_wd15 optiplex_990 inspiron_3521 inspiron_13_5370 inspiron_1210 inspiron_7591_2-in-1 inspiron_5508 optiplex_7090_ultra vostro_3252 inspiron_7559 optiplex_3010 precision_3640 latitude_e6320 inspiron_14-3452 latitude_e7270 vostro_3902 dock_wd19 latitude_5250 xps_13_7390 inspiron_5580 inspiron_3490 inspiron_7586 inspiron_3781 latitude_7280 optiplex_7020 optiplex_5055_ryzen_cpu latitude_3380 optiplex_7050 inspiron_1564 precision_7510 inspiron_3646 vostro_14-3446 precision_3440 alienware_14 latitude_7300 precision_t3610 precision_3240_cff g3_3779 precision_7820_tower latitude_rugged_5424 latitude_9510 precision_5530 precision_t7500 optiplex_3070 g5_5500 precision_7730 optiplex_xe2 inspiron_24-3455 latitude_5511 inspiron_3593 latitude_7490 latitude_e7270_mobile_thin_client optiplex_7480_aio thunderbolt_dock_tb16 latitude_5320 latitude_5580 vostro_5300 vostro_5591 latitude_5290_2-in-1 xps_27_7760 inspiron_7580 precision_5540 xps_13_9310 xps_one_2710 vostro_3660 latitude_5179 inspiron_7790 inspiron_3584 latitude_5450 vostro_3583 inspiron_3647 latitude_7210_2_in_1 inspiron_5402 latitude_3460 inspiron_3671 inspiron_3147 vostro_3471 inspiron_3542 precision_3630_tower latitude_e5530 inspiron_14_7460 alienware_m17xr4 inspiron_7746 vostro_270 inspiron_3470 inspiron_5301 vostro_3888 inspiron_660s latitude_5501 inspiron_5676 latitude_3570 vostro_15_5568 inspiron_5490 latitude_7389 precision_5820_tower vostro_3070 precision_7540 vostro_5502 inspiron_3268 inspiron_3655 inspiron_15_7560 vostro_5491 inspiron_3442 precision_m4700 inspiron_5491_aio latitude_5300 vostro_5501 inspiron_5348 latitude_7275 latitude_7390 inspiron_15_5567 precision_7920_xl_tower latitude_3580 g5_5590 inspiron_11-3162 inspiron_5494 g15_5510 latitude_5285_2-in-1 g7_7588 precision_3430_tower vostro_14-5459 vostro_20_3055 inspiron_3583 inspiron_7368 latitude_3350 inspiron_5390 optiplex_3050_aio inspiron_7472 latitude_5200 latitude_9410 inspiron_1122 chengming_3988 inspiron_3537 optiplex_9010 optiplex_fx170 inspiron_15_5566 optiplex_3050 inspiron_7500 optiplex_5080 optiplex_7010 latitude_3190 inspiron_5576 inspiron_5570 inspiron_5593 latitude_e5440 optiplex_5070 latitude_7310 optiplex_7070_ultra optiplex_780 xps_15_9570 latitude_5400 vostro_3671 latitude_7480 latitude_3400 latitude_3550 inspiron_3891 vostro_3490 optiplex_790 latitude_5285 precision_t5610 vostro_3491 latitude_7520 latitude_5550 precision_7720 precision_7750 latitude_5410 vostro_3268 vostro_3480 inspiron_7386 inspiron_7786 vostro_5090 inspiron_5480 alienware_m18xr2 latitude_14_rugged_extreme_7404 vostro_5410 vostro_3667 latitude_5280_mobile_thin_client latitude_7410 latitude_3590 optiplex_5060 inspiron_5577 latitude_7350 gaming_g3_3590 g5_5587 chengming_3977 xps_7590 vostro_470 precision_t3600 precision_7820_xl_tower inspiron_5591_2-in-1 latitude_5310_2-in-1 latitude_14_rugged_5414 inspiron_15_gaming_7577 optiplex_9030_aio inspiron_7391 chengming_3967 latitude_e7450 latitude_3340 precision_5520 inspiron_5300 precision_t7600 latitude_5290 vostro_5481 cheng_ming_3967 latitude_e7250 inspiron_15_5582_2-in-1 latitude_rugged_extreme_tablet_7220ex latitude_3180 inspiron_7590 latitude_12_7285 inspiron_15_gaming_7567 g5_5000 inspiron_5502 vostro_3890 vostro_3681 optiplex_3040 inspiron_15-5565 xps_15_9500 latitude_e7240 inspiron_7791 inspiron_660 latitude_5500 optiplex_5055_ryzen_apu alienware_asm100 optiplex_7070 optiplex_3020 vostro_3401 optiplex_5260_all-in-one precision_t5500 wyse_5470_all-in-one alienware_17_51m_r2 latitude_rugged_extreme_7424 vostro_3690 vostro_1450 inspiron_3847 precision_3431_tower inspiron_7306_2-in-1 latitude_5590 vostro_220s inspiron_one_2020 latitude_3189 latitude_e6430_atg precision_17_m5750 inspiron_7300_2-in-1 inspiron_5401 vostro_3670 precision_7740 g7_7500 inspiron_3421 latitude_e6430 latitude_5289 vostro_14_5468 optiplex_5055_a-serial optiplex_390 inspiron_5491_2-in-1 latitude_5488 vostro_3581 inspiron_7520 vostro_15_7580 optiplex_3060 inspiron_7700 inspiron_5485_2-in-1 inspiron_5770 precision_r5500 inspiron_5594 inspiron_5749 precision_3430_xl inspiron_3048 inspiron_7400 inspiron_5501 alienware_area_51 inspiron_3493 optiplex_3240_all-in-one latitude_5411 optiplex_7780_aio latitude_5310 inspiron_3668 dbutil dbutil Driver

CWE ID-CWE-782

Exposed IOCTL with Insufficient Access Control

CVE-2021-21552

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-5.2||MEDIUM

EPSS-0.14% / 34.59%

||

7 Day CHG~0.00%

Published-21 May, 2021 | 20:05

Updated-16 Sep, 2024 | 23:46

Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the affected system.

Vendor-Microsoft Corporation Dell Inc.

Product-wyse_5070_thin_client wyse_5470_all-in-one_thin_client wyse_5470_thin_client windows_10 Wyse Windows Embedded (WES)

CWE ID-CWE-863

Incorrect Authorization

CVE-2021-21601

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-8.8||HIGH

EPSS-0.04% / 10.10%

||

7 Day CHG~0.00%

Published-10 Aug, 2021 | 19:05

Updated-17 Sep, 2024 | 03:02

Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with the privileges of the compromised account.

Vendor-Dell Inc.

Product-emc_integrated_data_protection_appliance emc_data_protection_search Data Protection Search

CWE ID-CWE-532

Insertion of Sensitive Information into Log File

CVE-2021-21574

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.2||HIGH

EPSS-0.09% / 26.20%

||

7 Day CHG~0.00%

Published-24 Jun, 2021 | 17:00

Updated-16 Sep, 2024 | 21:08

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

Vendor-Dell Inc.

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-21553

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.3||HIGH

EPSS-0.03% / 7.77%

||

7 Day CHG~0.00%

Published-02 Aug, 2021 | 23:45

Updated-17 Sep, 2024 | 03:54

Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest.

Vendor-Dell Inc.

Product-powerscale_onefs PowerScale OneFS

CWE ID-CWE-286

Incorrect User Management

CVE-2025-21102

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 2.83%

||

7 Day CHG~0.00%

Published-08 Jan, 2025 | 11:25

Updated-24 Jan, 2025 | 19:10

Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

Vendor-Dell Inc.

CWE ID-CWE-256

Plaintext Storage of a Password

CWE ID-CWE-522

Insufficiently Protected Credentials

CVE-2025-21111

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 2.38%

||

7 Day CHG~0.00%

Published-08 Jan, 2025 | 17:38

Updated-24 Jan, 2025 | 19:11

Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

Vendor-Dell Inc.

CWE ID-CWE-256

Plaintext Storage of a Password

CWE ID-CWE-522

Insufficiently Protected Credentials

CVE-2022-34409

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.38%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:26

Updated-26 Feb, 2025 | 18:57

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34412

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.38%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:33

Updated-26 Feb, 2025 | 19:15

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-xe7440 m630p_firmware dss8440_firmware r740xd_firmware xr12_firmware r430_firmware m640 r350 r350_firmware c6320_firmware r6525_firmware mx840c dss8440 t430 nx3240_firmware r6525 r550 r750_firmware t640 c4130_firmware fc430_firmware c6320 r230 nx430_firmware c6420_firmware r6515_firmware nx3230 t330 t630_firmware xr2_firmware fc640_firmware mx740c c6525_firmware r440 r840 t130 xr2 r750xs r750xa_firmware r440_firmware t550_firmware r240_firmware r730_firmware c4130 r830 r240 r930_firmware r530 t430_firmware r540_firmware t630 fc630 m630 t340 r7415_firmware nx3230_firmware c6520_firmware nx3240 t140 r250 xr11_firmware r340_firmware nx430 r6515 xr11 xe2420 t150_firmware xe8545_firmware r540 fc830 r940xa nx3330 c4140_firmware mx750c nx440 r750xa xe7440_firmware xe7420 r940xa_firmware r7425 r7525_firmware r7525 r740_firmware c6420 r930 m830p t440_firmware fc630_firmware m830 t440 r730xd_firmware m630p fc830_firmware r740xd r630_firmware nx3340_firmware r430 m640_firmware t350_firmware r6415_firmware m830_firmware c6525 xe7420_firmware r650_firmware r740 r340 c6520 m830p_firmware r750 mx750c_firmware t150 xe2420_firmware r650xs_firmware m640p_firmware r7425_firmware t140_firmware r640 xr12 r630 fc430 r640_firmware r730xd r7415 nx3340 r650xs c4140 r740xd2 r830_firmware t550 r750xs_firmware nx3330_firmware r330_firmware mx840c_firmware r230_firmware m640p r940_firmware t130_firmware r940 r650 r840_firmware r530_firmware r7515 r250_firmware t340_firmware r730 r330 t640_firmware r450_firmware t350 xe8545 nx440_firmware r6415 r740xd2_firmware r550_firmware r7515_firmware t330_firmware r450 fc640 mx740c_firmware m630_firmware PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34390

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 5.56%

||

7 Day CHG~0.00%

Published-12 Oct, 2022 | 19:25

Updated-12 May, 2025 | 18:51

Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

Product-alienware_area-51_r4_firmware alienware_area-51_r5_firmware alienware_area-51_r5 alienware_area-51_r4 CPG BIOS

CWE ID-CWE-457

Use of Uninitialized Variable

CWE ID-CWE-908

Use of Uninitialized Resource

CVE-2022-34417

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.38%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:50

Updated-26 Feb, 2025 | 15:32

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34391

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.02% / 4.26%

||

7 Day CHG~0.00%

Published-12 Oct, 2022 | 19:25

Updated-16 May, 2025 | 13:44

Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

Product-alienware_area-51_r4_firmware alienware_area-51_r5_firmware alienware_area-51_r5 alienware_area-51_r4 CPG BIOS

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34415

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.38%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:44

Updated-26 Feb, 2025 | 15:35

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34416

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.38%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:48

Updated-26 Feb, 2025 | 15:34

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34410

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.38%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:29

Updated-26 Feb, 2025 | 18:56

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34422

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.38%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:58

Updated-26 Feb, 2025 | 15:25

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34413

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.38%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:35

Updated-26 Feb, 2025 | 15:56

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34403

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.04% / 10.36%

||

7 Day CHG~0.00%

Published-01 Feb, 2023 | 05:19

Updated-26 Mar, 2025 | 18:54

Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2022-34420

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 8.38%

||

7 Day CHG~0.00%

Published-16 Mar, 2023 | 11:55

Updated-26 Feb, 2025 | 15:28

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Vendor-Dell Inc.

Product-r750xa_firmware t430_firmware r6515_firmware t350_firmware fc430_firmware m630_firmware t550_firmware r430 nx3330 r750xa c6420 r6515 fc430 r530_firmware r930_firmware r450 r650_firmware r6415 t130_firmware c6520_firmware t440 xe7420 m630 r640_firmware r740 r550_firmware c4130_firmware r830 r940xa r7515_firmware t340_firmware r240_firmware r630_firmware nx3230 fc640_firmware m830p r250 fc630_firmware r940xa_firmware xe2420_firmware nx3340 t640_firmware r940_firmware xe7440 r230_firmware m830_firmware c4140_firmware c6320_firmware xr12_firmware m640p r750 fc630 r730xd_firmware r7415 r550 r6415_firmware r340 xe8545 r650 nx430_firmware fc640 r630 c4130 r740xd2_firmware r7425_firmware r240 c6420_firmware t330_firmware mx740c r7425 r330_firmware c6525 t140 r750xs_firmware r330 nx430 r640 nx440_firmware mx840c m630p nx3340_firmware r750xs t630 m640 c6320 r430_firmware r650xs r350 t150_firmware r750_firmware t150 r6525 mx840c_firmware r740_firmware r450_firmware nx3240_firmware c4140 t630_firmware t340 t130 t430 r440_firmware r530 dss8440_firmware mx740c_firmware r250_firmware r940 r340_firmware r7415_firmware r840 r730 nx3240 m830 m640p_firmware xe8545_firmware r440 r740xd2 r7525_firmware r6525_firmware r730xd r540 r230 mx750c_firmware r840_firmware r740xd_firmware r7525 xe2420 xr11_firmware dss8440 xr11 m630p_firmware fc830 r350_firmware t550 xr12 nx3330_firmware mx750c nx440 t640 r830_firmware r540_firmware m830p_firmware t350 fc830_firmware t140_firmware xe7440_firmware r730_firmware xr2 m640_firmware r740xd r7515 t330 c6525_firmware xe7420_firmware r650xs_firmware t440_firmware xr2_firmware r930 nx3230_firmware c6520 PowerEdge Platform

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2022-34401

Matching Score-8

Assigner-Dell

View Details

Matching Score-8

Assigner-Dell

CVSS Score-7.5||HIGH

EPSS-0.03% / 5.96%

||

7 Day CHG~0.00%

Published-18 Jan, 2023 | 05:51

Updated-03 Apr, 2025 | 19:42

Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.

Vendor-Dell Inc.

Product-g15_5525_firmware alienware_m17_r5_firmware alienware_m15_a6_firmware g15_5525 alienware_m15_a6 alienware_m17_r5 CPG BIOS

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2022-32486

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs