Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-24571

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-16 Mar, 2023 | 09:55
Updated At-26 Feb, 2025 | 18:59
Rejected At-
Credits

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:16 Mar, 2023 | 09:55
Updated At:26 Feb, 2025 | 18:59
Rejected At:
â–¼CVE Numbering Authority (CNA)

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

Affected Products
Vendor
Dell Inc.Dell
Product
Embedded Box PC 3000 , CPG BIOS
Default Status
unaffected
Versions
Affected
  • All BIOS Versions
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20: Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20: Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000210955/dsa-2023-046
vendor-advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000210955/dsa-2023-046
Resource:
vendor-advisory
â–¼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000210955/dsa-2023-046
vendor-advisory
x_transferred
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000210955/dsa-2023-046
Resource:
vendor-advisory
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:16 Mar, 2023 | 10:15
Updated At:07 Nov, 2023 | 04:08

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.5HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CPE Matches
Dell Inc.
dell
>>embedded_box_pc_3000_firmware>>Versions before 1.18.0(exclusive)
cpe:2.3:o:dell:embedded_box_pc_3000_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>embedded_box_pc_3000>>-
cpe:2.3:h:dell:embedded_box_pc_3000:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-20Secondarysecurity_alert@emc.com
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: security_alert@emc.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.dell.com/support/kbdoc/en-us/000210955/dsa-2023-046security_alert@emc.com
Vendor Advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000210955/dsa-2023-046
Source: security_alert@emc.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

422Records found
CVE-2025-43943
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.28%
||
7 Day CHG~0.00%
Published-25 Sep, 2025 | 15:22
Updated-16 Jan, 2026 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Cloud Disaster Recovery, version(s) prior to 19.20, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-cloud_disaster_recoveryCloud Disaster Recovery
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-46424
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.47%
||
7 Day CHG~0.00%
Published-05 Nov, 2025 | 16:46
Updated-07 Nov, 2025 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-cloudlinkCloudLink
CWE ID-CWE-1240
Use of a Cryptographic Primitive with a Risky Implementation
CVE-2015-4056
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.60%
||
7 Day CHG~0.00%
Published-21 Feb, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cryptography, which makes it easier for local users to discover credentials by leveraging administrative access.

Action-Not Available
Vendor-n/aDell Inc.
Product-vce_vision_intelligent_operationsn/a
CVE-2019-18577
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 28.43%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 20:30
Updated-16 Sep, 2024 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerability. A malicious local user with XtremIO xinstall privileges may exploit this vulnerability to gain root access.

Action-Not Available
Vendor-Dell Inc.
Product-xtremio_management_serverXtremIO
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-32489
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.68%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 13:36
Updated-08 Oct, 2024 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges.  

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CVE-2023-32490
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.31%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 13:40
Updated-08 Oct, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-32494
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.31%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 12:56
Updated-08 Oct, 2024 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-274
Improper Handling of Insufficient Privileges
CVE-2023-28063
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.06%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 07:38
Updated-02 Aug, 2024 | 12:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_24_5410_all-in-onelatitude_5401vostro_5391_firmwarexps_15_9510_firmwarelatitude_3520precision_3561_firmwarexps_17_9710_firmwareoptiplex_tower_plus_7010_firmwareprecision_7770_firmwareprecision_7560inspiron_5590_firmwareg7_17_7790_firmwareoptiplex_all-in-one_7410_firmwarexps_13_9315inspiron_7490optiplex_5090_small_form_factor_firmwareprecision_7540inspiron_15_3511_firmwarelatitude_9420inspiron_5490_firmwareprecision_5470_firmwarelatitude_5590optiplex_5080inspiron_5502latitude_5511inspiron_5620_firmwareinspiron_7501latitude_7390_2-in-1inspiron_7300_2-in-1chengming_3911_firmwareprecision_5530_2-in-1precision_5550xps_17_9700optiplex_3000_microoptiplex_7000_microlatitude_5300vostro_3400g3_3500optiplex_3000_tower_firmwareoptiplex_micro_7010_firmwarelatitude_7320latitude_7300optiplex_7090g7_17_7700_firmwareinspiron_7000latitude_3420latitude_7490_firmwareoptiplex_tower_7010latitude_5310_2-in-1_firmwareprecision_3570inspiron_7490_firmwareinspiron_5409latitude_7400latitude_5591inspiron_3511_firmwarelatitude_5531_firmwareinspiron_14_5410precision_3570_firmwareprecision_5770_firmwarelatitude_3400latitude_3420_firmwareg5_5000xps_15_9575_2-in-1inspiron_14_5420_firmwareinspiron_5491_2-in-1_firmwareoptiplex_3090_firmwareg15_5520_firmwarelatitude_3530inspiron_7506_2-in-1_firmwarexps_13_plus_9320optiplex_7000_small_form_factor_firmwarelatitude_7320_detachable_firmwarelatitude_9410optiplex_7400_all-in-oneoptiplex_7080_firmwarelatitude_5420_rugged_firmwarelatitude_5310latitude_5530vostro_5391latitude_5431_firmwarelatitude_5420_ruggedoptiplex_7090_ultra_firmwareinspiron_7000_firmwareprecision_3450chengming_3900latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7330_firmwarexps_15_9520_firmwarevostro_3020_small_desktopvostro_5591precision_5560optiplex_5400_all-in-one_firmwarelatitude_7430_firmwarelatitude_3330_firmwareinspiron_3881_firmwarelatitude_5521optiplex_7000_tower_firmwareoptiplex_5480_all-in-one_firmwareprecision_3540precision_5570_firmwareinspiron_3910inspiron_7510_firmwarelatitude_7520optiplex_7400_all-in-one_firmwareinspiron_7500_2-in-1_black_firmwarelatitude_3310latitude_5290_2-in-1optiplex_3090latitude_7290vostro_5410vostro_7620_firmwareinspiron_16_7620_2-in-1inspiron_5402latitude_5430_firmwarelatitude_7230_rugged_extreme_tabletprecision_7540_firmwarevostro_3881inspiron_7391_firmwarevostro_5401inspiron_24_5411_all-in-one_firmwarelatitude_5420_firmwareprecision_3561inspiron_14_7420_2-in-1vostro_5300inspiron_3493_firmwareoptiplex_3000_towerprecision_3460_xe_small_form_factor_firmwarelatitude_3190_2-in-1_firmwarevostro_5301xps_15_9510inspiron_16_plus_7620latitude_7210_2-in-1inspiron_7590vostro_5880precision_3260_compactalienware_m15_r7_firmwarealienware_m15_r6_firmwarelatitude_5491latitude_3140_firmwarelatitude_9520_firmwareprecision_5560_firmwarelatitude_5330vostro_3690_firmwarelatitude_5520_firmwareoptiplex_5480_all-in-oneinspiron_24_5410_all-in-one_firmwareinspiron_5591_2-in-1_firmwarelatitude_5400latitude_5410precision_7865_towerprecision_3541xps_8940precision_7730_firmwareprecision_3551latitude_5401_firmwareoptiplex_all-in-one_7410optiplex_3000_small_form_factor_firmwareprecision_7730inspiron_3520precision_3640_tower_firmwareinspiron_7610vostro_5301_firmwareg7_17_7790vostro_5890inspiron_5400_2-in-1latitude_5400_firmwareinspiron_7610_firmwareinspiron_5400_2-in-1_firmwareg7_15_7590inspiron_7391latitude_9330_firmwareinspiron_7700_all-in-oneprecision_3440latitude_rugged_7220ex_firmwareinspiron_13_5320vostro_5402optiplex_tower_7010_firmwareoptiplex_7090_ultrag5_5000_firmwareprecision_3550_firmwarelatitude_3310_firmwarevostro_3690precision_3460_small_form_factor_firmwareinspiron_5300_firmwareoptiplex_xe4_oemready_firmwarelatitude_7530optiplex_7490_all-in-onevostro_7500alienware_m15_r7inspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareoptiplex_5090_towervostro_3681latitude_7400_2-in-1_firmwareprecision_3530latitude_5411_firmwarelatitude_3510_firmwareinspiron_3593inspiron_15_5518_firmwareprecision_7740optiplex_tower_plus_7010latitude_7310_firmwareoptiplex_3000_thin_clientinspiron_7306_2-in-1latitude_7530_firmwarexps_13_9310_firmwarexps_13_7390_firmwarelatitude_9510optiplex_3280_all-in-oneprecision_5760_firmwarevostro_3420_firmwarevostro_3681_firmwarevostro_5890_firmwarelatitude_9510_firmwareinspiron_3910_firmwareinspiron_5406_2-in-1precision_7760_firmwarelatitude_5300_2-in-1_firmwareinspiron_3511xps_13_9305_firmwareinspiron_5410vostro_5502optiplex_7780_all-in-oneinspiron_5490inspiron_3501_firmwarelatitude_5300_firmwareinspiron_3880optiplex_7000_xe_microprecision_7865_tower_firmwarexps_17_9720precision_7550inspiron_5391optiplex_small_form_factor_7010g5_15_5590_firmwareinspiron_5598inspiron_14_plus_7420latitude_5320_firmwareg7_15_7590_firmwareoptiplex_3080xps_13_9315_firmwarexps_13_9300_firmwareprecision_5750inspiron_27_7710_all-in-one_firmwarelatitude_rugged_5430precision_5570inspiron_7591latitude_7310inspiron_14_5410_firmwareinspiron_7500g15_5511inspiron_5620precision_5760optiplex_7480_all-in-onechengming_3990_firmwareprecision_3551_firmwareinspiron_3020_small_desktop_firmwarelatitude_9430vostro_3400_firmwarevostro_5310_firmwarelatitude_5290_firmwarelatitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwarelatitude_7390vostro_3500xps_13_9315_2-in-1precision_7750_firmwarelatitude_3520_firmwarechengming_3991_firmwarevostro_7590_firmwareinspiron_14_5418inspiron_7400latitude_9430_firmwareprecision_3650_tower_firmwareinspiron_24_5411_all-in-onevostro_3510xps_13_9310_2-in-1inspiron_5400_firmwarelatitude_5424_ruggedinspiron_7500_firmwareprecision_3541_firmwareinspiron_5591_2-in-1latitude_7330inspiron_14_5420inspiron_7506_2-in-1latitude_5330_firmwareprecision_3650_towervostro_3881_firmwarelatitude_7200_2-in-1latitude_5511_firmwarelatitude_3430_firmwareprecision_3550inspiron_3891_firmwareoptiplex_3090_ultra_firmwarexps_13_7390_2-in-1_firmwarelatitude_7420_firmwareinspiron_5501vostro_5501_firmwarelatitude_3310_2-in-1optiplex_5090_tower_firmwareoptiplex_3090_ultralatitude_5490vostro_5620_firmwareinspiron_3520_firmwarelatitude_3190_2-in-1inspiron_3891xps_13_9305vostro_5310optiplex_7000_xe_micro_firmwarelatitude_9410_firmwarevostro_7590optiplex_7090_firmwareinspiron_7300_2-in-1_firmwarelatitude_5300_2-in-1latitude_7424_rugged_extreme_firmwareg15_5511_firmwarelatitude_7410_firmwareprecision_3660latitude_5310_2-in-1vostro_3910inspiron_14_5418_firmwarelatitude_7230_rugged_extreme_tablet_firmwarelatitude_rugged_7330_firmwareinspiron_3020_desktoplatitude_7390_firmwarelatitude_5500_firmwarelatitude_5410_firmwarelatitude_5430xps_13_7390latitude_3530_firmwarelatitude_3400_firmwarevostro_3890latitude_3510chengming_3901_firmwareprecision_3560_firmwarelatitude_5495_firmwarevostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5501_firmwareg7_15_7500optiplex_5080_firmwareinspiron_14_7420_2-in-1_firmwarexps_17_9700_firmwarevostro_3520_firmwareoptiplex_xe4_firmwareoptiplex_7000_micro_firmwarelatitude_5530_firmwareprecision_5470vostro_3590precision_3470_firmwareoptiplex_small_form_factor_plus_7010inspiron_15_5510vostro_5590_firmwarevostro_3020_tower_desktop_firmwareinspiron_16_plus_7620_firmwareprecision_7530_firmwarechengming_3901optiplex_5000_tower_firmwareoptiplex_micro_7010xps_13_9300xps_15_9500latitude_5500inspiron_5508_firmwareprecision_7550_firmwarelatitude_3500_firmwarechengming_3900_firmwarechengming_3991precision_3260_xe_compact_firmwareprecision_3260_xe_compactinspiron_7501_firmwareoptiplex_5090_small_form_factorinspiron_7500_2-in-1_blackg15_5510_firmwarevostro_7510_firmwarelatitude_5290_2-in-1_firmwarevostro_7510inspiron_7791latitude_5501latitude_7400_firmwarevostro_5320_firmwareprecision_3450_firmwareprecision_3460_small_form_factorchengming_3990inspiron_5301latitude_5491_firmwareprecision_3470vostro_5880_firmwarexps_17_9710inspiron_3493precision_5750_firmwareoptiplex_small_form_factor_plus_7010_firmwarelatitute_5421latitude_5520latitude_3410_firmwareinspiron_7510inspiron_7400_firmwareprecision_3260_compact_firmwareoptiplex_5400_all-in-onelatitude_3320precision_3530_firmwarexps_13_9310_2-in-1_firmwarevostro_5320xps_13_9315_2-in-1_firmwarexps_15_9575_2-in-1_firmwareinspiron_3020_small_desktopprecision_7750latitude_3430latitude_3320_firmwareoptiplex_5490_all-in-one_firmwareoptiplex_7080g15_5510inspiron_15_5518vostro_7500_firmwarelatitude_9330inspiron_16_7620_2-in-1_firmwareinspiron_15_3511inspiron_5310vostro_5510_firmwarelatitude_5424_rugged_firmwareoptiplex_5000_small_form_factor_firmwarelatitude_rugged_7330chengming_3910_firmwarelatitude_7300_firmwarelatitude_9420_firmwarelatitude_5510g7_17_7700inspiron_5401_aio_firmwarevostro_5300_firmwareoptiplex_5090_micro_firmwareinspiron_3593_firmwareoptiplex_7780_all-in-one_firmwarevostro_3710_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwareoptiplex_5000_micro_firmwarelatitude_3310_2-in-1_firmwareg7_15_7500_firmwarelatitude_5320latitude_3330optiplex_7000_small_form_factorlatitude_7410latitude_5501_firmwareprecision_3571xps_13_7390_2-in-1optiplex_3280_all-in-one_firmwarexps_15_9500_firmwareoptiplex_xe4_oemreadylatitude_5411optiplex_5090_microvostro_3020_tower_desktopprecision_7760xps_17_9720_firmwarevostro_3500_firmwareinspiron_7306_2-in-1_firmwarelatitude_7320_detachablelatitude_9520vostro_3520inspiron_5509vostro_3590_firmwareinspiron_5406_2-in-1_firmwareinspiron_27_7710_all-in-oneinspiron_5498latitude_7420inspiron_7591_firmwarelatitude_5290inspiron_5300precision_7670inspiron_5508precision_5550_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_5490precision_7670_firmwareinspiron_5301_firmwareinspiron_5408_firmwareinspiron_5498_firmwareprecision_3571_firmwarevostro_5490_firmwarevostro_5620latitude_7520_firmwarelatitude_5431vostro_3710optiplex_3000_thin_client_firmwarelatitude_5420inspiron_5402_firmwareprecision_7560_firmwareoptiplex_micro_plus_7010latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5510inspiron_3490precision_7770latitude_7210_2-in-1_firmwarelatitude_rugged_5430_firmwarexps_13_9310latitude_5510_firmwarevostro_3510_firmwareoptiplex_5000_microinspiron_5410_firmwareinspiron_15_5510_firmwareinspiron_5408vostro_5410_firmwarevostro_5502_firmwareprecision_3540_firmwarelatitude_7430g3_3500_firmwareoptiplex_3000_small_form_factoroptiplex_3080_firmwarexps_13_plus_9320_firmwareoptiplex_small_form_factor_7010_firmwarelatitude_3410vostro_5402_firmwarelatitude_rugged_7220g5_15_5590inspiron_7700_all-in-one_firmwareinspiron_3881optiplex_7490_all-in-one_firmwarexps_13_9380latitude_5531precision_3660_firmwarevostro_3020_small_desktop_firmwarechengming_3910optiplex_3000_micro_firmwarevostro_3420optiplex_5000_small_form_factorlatitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_3140latitude_3500latitude_5310_firmwarealienware_m15_r6vostro_3890_firmwarexps_15_7590latitude_3300vostro_5590optiplex_micro_plus_7010_firmwareinspiron_5401_firmwareprecision_3460_xe_small_form_factorvostro_5501xps_15_9520latitude_7320_firmwareoptiplex_5490_all-in-onexps_8940_firmwarelatitude_3120latitude_rugged_7220_firmwareprecision_3560inspiron_5401_aiolatitude_rugged_7220exinspiron_5509_firmwarelatitude_7200_2-in-1_firmwareinspiron_3020_desktop_firmwareinspiron_5598_firmwareinspiron_13_5320_firmwarevostro_3910_firmwarelatitude_7290_firmwareprecision_5770chengming_3911precision_7530vostro_7620inspiron_5391_firmwareinspiron_5502_firmwarexps_15_7590_firmwareinspiron_3490_firmwareinspiron_14_plus_7420_firmwareg15_5520inspiron_5409_firmwarexps_13_9380_firmwarelatitude_7490optiplex_7000_towerlatitude_5521_firmwareoptiplex_5000_towerinspiron_5401latitute_5421_firmwareoptiplex_xe4vostro_5591_firmwareCPG BIOS
CWE ID-CWE-195
Signed to Unsigned Conversion Error
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2023-25940
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.64%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 10:14
Updated-11 Feb, 2025 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-25536
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.62%
||
7 Day CHG~0.00%
Published-02 Mar, 2023 | 15:55
Updated-05 Mar, 2025 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2025-46696
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.02% / 4.63%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 15:01
Updated-03 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-secure_connect_gatewaySecure Connect Gateway (SCG) ApplianceSecure Connect Gateway (SCG) Application
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2025-46644
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.03% / 9.31%
||
7 Day CHG-0.00%
Published-09 Jan, 2026 | 15:31
Updated-05 Feb, 2026 | 13:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS2023 release versions 7.10.1.0 through 7.10.1.70, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS 2025PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-43906
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.73%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 18:02
Updated-14 Oct, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2025
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-43884
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.02% / 3.61%
||
7 Day CHG~0.00%
Published-10 Sep, 2025 | 15:47
Updated-17 Sep, 2025 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-powerprotect_data_managerPowerProtect Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-46365
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 11.29%
||
7 Day CHG~0.00%
Published-05 Nov, 2025 | 16:40
Updated-07 Nov, 2025 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink.

Action-Not Available
Vendor-Dell Inc.
Product-cloudlinkCloudLink
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-43908
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.03% / 7.28%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 18:22
Updated-14 Oct, 2025 | 20:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2025
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-43890
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.73%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 17:53
Updated-14 Oct, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2025
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-46366
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.34%
||
7 Day CHG~0.00%
Published-05 Nov, 2025 | 16:50
Updated-07 Nov, 2025 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information.

Action-Not Available
Vendor-Dell Inc.
Product-cloudlinkCloudLink
CWE ID-CWE-256
Plaintext Storage of a Password
CVE-2025-43911
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.73%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 18:08
Updated-14 Oct, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemDell PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2025Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleaseDell PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-43722
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.01%
||
7 Day CHG~0.00%
Published-08 Sep, 2025 | 18:43
Updated-09 Oct, 2025 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-36565
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.83%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 19:49
Updated-14 Oct, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2025-36566
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.73%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 19:44
Updated-14 Oct, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-31239
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.58%
||
7 Day CHG~0.00%
Published-21 Oct, 2022 | 18:05
Updated-07 May, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2025-36567
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.73%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 19:32
Updated-14 Oct, 2025 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-1185
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-1.31% / 79.42%
||
7 Day CHG~0.00%
Published-03 Feb, 2018 | 01:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restricted shell to an interactive shell and run arbitrary commands with root privileges.

Action-Not Available
Vendor-n/aDell Inc.
Product-emc_recoverpointemc_recoverpoint_for_virtual_machinesEMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, EMC RecoverPoint versions prior to 5.0.1.3
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-36569
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.28%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 19:38
Updated-14 Oct, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-30096
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.13%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 14:32
Updated-16 Oct, 2025 | 14:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain LTS 2023PowerProtect Data Domain Feature ReleasePowerProtect Data Domain LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-30097
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.13%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 14:38
Updated-16 Oct, 2025 | 14:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain LTS 2023PowerProtect Data Domain Feature ReleasePowerProtect Data Domain LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-29988
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.9||MEDIUM
EPSS-0.06% / 17.11%
||
7 Day CHG~0.00%
Published-09 Apr, 2025 | 02:25
Updated-12 Jan, 2026 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_3410_firmwareprecision_3590_firmwarelatitude_5430_rugged_laptop_firmwarealienware_m16_r2inspiron_14_7441_firmwareoptiplex_micro_7020inspiron_14_5410latitude_5521_firmwarealienware_m18_r1vostro_3500_firmwareoptiplex_xe4_towerinspiron_14_5440latitude_7420_firmwareinspiron_14_5420_firmwareinspiron_7710_all-in-one_firmwareoptiplex_5490_all-in-one_firmwareoptiplex_5000_small_form_factoroptiplex_tower_plus_7010chengming_3911optiplex_3000_small_form_factor_firmwarelatitude_7650precision_5550_firmwarelatitude_7450_firmwarexps_9315_2-in-1latitude_5520_firmwareprecision_3560vostro_16_5640precision_7780_firmwarexps_16_9640pro_14_premium_pa14250pro_14_plus_pb14250_firmwareprecision_3490optiplex_3000_microoptiplex_all-in-one_7410_firmwareinspiron_15_5518_firmwarelatitude_3410latitude_3550latitude_3340_firmwareprecision_5770_firmwareinspiron_3030sinspiron_7710_all-in-oneprecision_5750_firmwareoptiplex_7000_xe_micro_firmwarexps_15_9520_firmwarevostro_5620_firmwarevostro_14_3430_firmwarelatitude_3450_firmwarelatitude_5421precision_5470_firmwareprecision_3561optiplex_3000_thin_clientvostro_14_3420_firmwareprecision_3580_firmwarelatitude_7330_rugged_laptopprecision_5760vostro_5620latitude_7320_detachable_firmwareoptiplex_5090_tower_firmwarelatitude_7640precision_3591_firmwarealienware_x16_r2_firmwarelatitude_3320_firmwarelatitude_5540g16_7620_firmwarelatitude_7320_detachableprecision_3260_compactinspiron_13_5330optiplex_small_form_factor_plus_7010alienware_m18_r2_firmwareinspiron_14_5410_2-in-1latitude_3510_firmwareprecision_7760xps_15_9510inspiron_15_3511_firmwarealienware_area-51_aat2250_firmwarelatitude_3540vostro_5320optiplex_5400_all-in-one_firmwarealienware_x16_r1latitude_7350_firmwarealienware_m15_r7latitude_3330_firmwareoptiplex_5000_microxps_13_9310_2-in-1pro_rugged_13_ra13250vostro_3030precision_7770xps_17_9710_firmwarevostro_14_3420latitude_7455_firmwareprecision_3260_xe_compactoptiplex_5000_small_form_factor_firmware16_plus_2-in-1_db06250_firmwareprecision_7780latitude_7350_detachable_firmwareprecision_3260_xe_compact_firmwareoptiplex_3000_thin_client_firmwarelatitude_9330_firmwareinspiron_16_7620_2-in-1precision_3460_xe_small_form_factorxps_9320_firmwarelatitude_3440_firmwarelatitude_9420_firmwareg15_5510_firmwarelatitude_5520inspiron_14_5410_firmwarevostro_3020_tower_desktop_firmwareprecision_7680vostro_13_5310_firmwarevostro_14_5410_firmwareinspiron_16_plus_7630latitude_5450latitude_5455_firmwareprecision_3470inspiron_24_5430_all-in-one_firmwarexps_17_9710latitude_3330optiplex_micro_plus_7010g15_5520latitude_5431_firmwareoptiplex_xe4_tower_firmwareinspiron_16_7640_2-in-1optiplex_7000_towerprecision_3260_compact_firmwarepro_rugged_14_rb14250latitude_7650_firmwareprecision_7875_towervostro_16_5630_firmwarevostro_15_7510_firmwareoptiplex_micro_7010inspiron_3020_small_desktopoptiplex_7090_ultra_firmwarelatitude_7530_firmwarelatitude_3320precision_5760_firmwareinspiron_14_5410_2-in-1_firmwarealienware_aurora_act1250_firmware14_plus_db14250vostro_3020_small_desktop_firmwareinspiron_13_5310precision_5470vostro_3500precision_5860_towerpro_14_premium_pa14250_firmwarexps_13_9305latitude_9450inspiron_16_plus_7640_firmwarevostro_15_5510_firmwarelatitude_7320_firmwareoptiplex_7400_all-in-one_firmwarelatitude_7455inspiron_14_7440_2-in-1vostro_3030s_firmwareoptiplex_7000_microinspiron_15_5510_firmwareoptiplex_3090_ultralatitude_5540_firmwareoptiplex_5000_towerprecision_5770inspiron_16_7610latitude_5455latitude_7340_firmwarelatitude_7330_firmwareinspiron_16_7610_firmwareoptiplex_7490_all-in-one_firmwarexps_17_9720_firmwarelatitude_5531vostro_3400inspiron_14_7430_2-in-1_firmwareinspiron_3020_small_desktop_firmwarelatitude_9520precision_5680_firmwareinspiron_14_plus_7430_firmwareprecision_7770_firmwarexps_15_9530latitude_7430inspiron_16_5630_firmwarepro_14_pc14250_firmware16_plus_db16250_firmwarevostro_3910inspiron_3030s_firmwareg15_5530optiplex_small_form_factor_plus_7010_firmwareoptiplex_aio_7420latitude_7030_rugged_extreme_firmwareoptiplex_tower_7020precision_3660_firmwarevostro_15_3510_firmwarevostro_15_3510precision_3480_firmwarelatitude_5320inspiron_14_7420_2-in-1inspiron_13_5330_firmwareoptiplex_5090_small_form_factor_firmwarelatitude_7430_firmware27_all-in-one_ec27250pro_laptop_pc16250_firmwareprecision_3591alienware_x16_r2optiplex_7400_all-in-oneinspiron_27_7730_all-in-one_firmwarelatitude_9430precision_3570precision_7680_firmware14_plus_db14250_firmwareinspiron_3501_firmwarechengming_3911_firmwarelatitude_5320_firmwarelatitude_3540_firmwareinspiron_3030_firmwareprecision_3581_firmwarealienware_m15_r7_firmwareinspiron_14_5420inspiron_14_5430_firmwarevostro_3020_small_desktoplatitude_3550_firmwarelatitude_7330_rugged_laptop_firmwareg15_5530_firmwareinspiron_3891_firmwarelatitude_7520_firmwarexps_9315_2-in-1_firmwarevostro_15_5510optiplex_sff_7020optiplex_tower_7020_firmwarepro_16_plus_pb16250latitude_7230_rugged_extremeoptiplex_7000_tower_firmwarelatitude_3440precision_3280_cff_firmwarealienware_m16_r1precision_3280_cffvostro_3020_tower_desktopoptiplex_3000_small_form_factorlatitude_5530inspiron_15_7510inspiron_16_plus_7630_firmwareinspiron_24_5420_all-in-one_firmwarelatitude_7330precision_7560inspiron_16_5630latitude_7640_firmwareinspiron_16_5620_firmwareinspiron_13_5320xps_13_9315_firmwareinspiron_5410_all-in-one_firmwarelatitude_9440_2-in-1xps_15_9510_firmwarevostro_15_3520_firmwarelatitude_5430_firmwareprecision_3460_small_form_factoralienware_m18_r2latitude_5430precision_7560_firmwareoptiplex_5090_towerinspiron_16_7620_2-in-1_firmwareg16_7630optiplex_7090_ultralatitude_3430_firmwareprecision_5570vostro_5890_firmware24_all-in-one_ec24250_firmwareinspiron_14_544114_plus_2-in-1_db04250vostro_7620latitude_3140optiplex_7090_tower_firmwareoptiplex_tower_7010vostro_15_7510latitude_7530precision_575016_plus_2-in-1_db06250vostro_3710_firmwarelatitude_5330latitude_5420chengming_3910latitude_5350latitude_5530_firmwareinspiron_24_5420_all-in-oneinspiron_15_3520_firmwareprecision_3490_firmwareoptiplex_5000_micro_firmwareinspiron_14_7430_2-in-1latitude_5550_firmwarelatitude_5340_firmwareinspiron_15_5510optiplex_3000_micro_firmwarexps_13_9345xps_13_plus_9320_firmwarexps_15_9500pro_14_plus_pb14250precision_3450_firmwarevostro_5320_firmwarelatitude_3520vostro_14_5410alienware_m15_r6optiplex_3000_towerinspiron_13_5320_firmwarexps_13_9345_firmwareprecision_3571xps_13_9340_firmwarevostro_16_5630latitude_7420optiplex_5490_all-in-onealienware_x14_r2latitude_7350_detachableinspiron_16_plus_7640vostro_3710precision_5860_tower_firmwarelatitude_5450_firmwareprecision_7875_tower_firmwarevostro_14_3440_firmwarevostro_3890_firmwarevostro_5890latitude_5440optiplex_5090_small_form_factorvostro_13_5310vostro_14_3440inspiron_14_plus_7420_firmwareg16_7620optiplex_xe4_sfflatitude_7350xps_16_9640_firmwarexps_13_9310precision_3581vostro_15_3530_firmwareinspiron_5410_all-in-onelatitude_3140_2in1_firmwarelatitude_3140_2in1xps_14_9440_firmwarelatitude_7030_rugged_extremexps_13_934027_all-in-one_ec27250_firmwareoptiplex_tower_7010_firmwareprecision_5680latitude_3430precision_3480latitude_9420alienware_area-51_aat2250pro_16_plus_pb16250_firmwarelatitude_5350_firmwarealienware_m18_r1_firmwarexps_17_9720inspiron_16_plus_7620_firmwareoptiplex_7000_small_form_factor_firmwareoptiplex_tower_plus_7010_firmwareprecision_5560_firmwareg16_7630_firmwareoptiplex_7000_micro_firmwarexps_13_plus_9320vostro_3890g15_5520_firmwareinspiron_14_5440_firmwareoptiplex_7490_all-in-oneinspiron_16_7640_2-in-1_firmwarepro_14_pc14250latitude_5550alienware_x14_r2_firmwareprecision_5490xps_13_9305_firmwareinspiron_15_7510_firmwareg15_5511xps_17_9730_firmwareprecision_5570_firmwareg15_5511_firmwarelatitude_5420_firmwarealienware_x16_r1_firmwarepro_13_plus_pb13250alienware_aurora_act1250latitude_7520latitude_5440_firmwarelatitude_3450chengming_3900_firmwarepro_16_pc16250optiplex_micro_7020_firmwaretower_plus_ebt2250precision_7670chengming_3900pro_rugged_14_rb14250_firmwarepro_13_plus_pb13250_firmwareprecision_7670_firmwareoptiplex_5090_microoptiplex_small_form_factor_7010precision_5690precision_5550latitude_7320pro_laptop_pc14250_firmwareinspiron_27_7720_all-in-oneinspiron_14_plus_7420xps_13_9315vostro_3030slatitude_3530xps_15_9520optiplex_7000_xe_microinspiron_27_7720_all-in-one_firmwareoptiplex_7000_small_form_factoroptiplex_all-in-one_7410inspiron_3030latitude_9330latitude_9520_firmwareprecision_3570_firmwarepro_rugged_13_ra13250_firmwareinspiron_14_plus_7430inspiron_3891pro_16_pc16250_firmwarepro_laptop_pc16250xps_14_9440vostro_3910_firmwareoptiplex_micro_7010_firmwareinspiron_3020_desktop_firmwareoptiplex_aio_7420_firmwareoptiplex_xe4_sff_firmwarexps_13_9350precision_tower_7865_firmwaretower_plus_ebt2250_firmwareprecision_3460_small_form_factor_firmwarelatitude_7340precision_3560_firmwareg15_5510optiplex_7090_towerlatitude_3510latitude_3140_firmwarevostro_15_3530precision_5490_firmwarexps_13_9350_firmware24_all-in-one_ec24250optiplex_sff_7020_firmwareoptiplex_micro_plus_7010_firmwarelatitude_9440_2-in-1_firmwareinspiron_16_7630_2-in-1precision_556014_plus_2-in-1_db04250_firmwarevostro_3400_firmwareinspiron_14_5441_firmwareinspiron_14_7440_2-in-1_firmwarelatitude_9450_firmwarexps_9320latitude_3340precision_7760_firmwarevostro_14_3430precision_5480_firmwareprecision_5690_firmwareinspiron_13_5310_firmwareprecision_7960_tower_firmwareinspiron_16_5640latitude_7440_firmwarexps_15_9500_firmwareinspiron_14_5418precision_7960_towerprecision_tower_7865vostro_15_3520inspiron_15_3511latitude_5431inspiron_14_5430pro_13_premium_pa13250_firmwarelatitude_5531_firmwarealienware_m16_r2_firmwarepro_laptop_pc14250vostro_3690inspiron_16_plus_7620xps_17_9730inspiron_16_7630_2-in-1_firmwarelatitude_9430_firmwareprecision_3680_tower_firmwareprecision_3450latitude_3420_firmwarealienware_m15_r6_firmwareinspiron_3020_desktopvostro_16_5640_firmwarealienware_m16_r1_firmwarelatitude_5421_firmwareinspiron_24_5430_all-in-oneprecision_3660latitude_7450vostro_3690_firmwarexps_13_9310_2-in-1_firmwareprecision_3580precision_5480precision_3460_xe_small_form_factor_firmwareprecision_3650_towervostro_7620_firmwarelatitude_5330_firmwarexps_13_9310_firmwareoptiplex_small_form_factor_7010_firmwarelatitude_3420precision_3650_tower_firmwarepro_13_premium_pa13250precision_3571_firmwarelatitude_3530_firmwareinspiron_15_5518latitude_7440precision_3470_firmwareoptiplex_3090_ultra_firmwarelatitude_5430_rugged_laptopprecision_3561_firmwarexps_15_9530_firmwareprecision_3590inspiron_15_3520latitude_5340inspiron_16_5640_firmwareinspiron_27_7730_all-in-onevostro_3030_firmwareinspiron_3910_firmwareoptiplex_5400_all-in-oneinspiron_14_7420_2-in-1_firmwarelatitude_3520_firmwareinspiron_14_5418_firmwareoptiplex_5000_tower_firmwareinspiron_15_3530inspiron_14_plus_7440_firmwareinspiron_15_3530_firmwarelatitude_7230_rugged_extreme_firmwareoptiplex_3000_tower_firmwarelatitude_5521inspiron_16_5620precision_3680_tower16_plus_db16250optiplex_5090_micro_firmwareinspiron_3910inspiron_14_plus_7440inspiron_14_7441inspiron_3501chengming_3910_firmwareDell Client Platform BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-30098
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.13%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 14:42
Updated-16 Oct, 2025 | 14:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain LTS 2023PowerProtect Data Domain Feature ReleasePowerProtect Data Domain LTS2024
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-46756
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.07% / 20.03%
||
7 Day CHG-0.07%
Published-01 Feb, 2023 | 05:37
Updated-27 Mar, 2025 | 13:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

Action-Not Available
Vendor-Dell Inc.
Product-vxrail_managerVxRail HCI
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2022-45095
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.25% / 48.13%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 04:45
Updated-27 Mar, 2025 | 13:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-44279
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.89%
||
7 Day CHG~0.00%
Published-14 Dec, 2023 | 15:22
Updated-01 Oct, 2024 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a system take over by an attacker

Action-Not Available
Vendor-Dell Inc.
Product-powerprotect_data_domainpowerprotect_data_protectiondd9400dp5900apex_protection_storagepowerprotect_data_domain_management_centeremc_data_domain_osdd6400dd3300dd9900dd6900dp4400PowerProtect DDpowerprotect_data_domain
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-48668
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.31%
||
7 Day CHG~0.00%
Published-14 Dec, 2023 | 15:45
Updated-02 Aug, 2024 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 on DDMC contain an OS command injection vulnerability in an admin operation. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the managed system application's underlying OS with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker on a managed system of DDMC.

Action-Not Available
Vendor-Dell Inc.
Product-powerprotect_data_domain_management_center PowerProtect DD
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-34422
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:58
Updated-26 Feb, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34417
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:50
Updated-26 Feb, 2025 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34401
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.01%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 05:51
Updated-03 Apr, 2025 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-g15_5525_firmwarealienware_m17_r5_firmwarealienware_m15_a6_firmwareg15_5525alienware_m15_a6alienware_m17_r5CPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34413
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:35
Updated-26 Feb, 2025 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34409
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:26
Updated-26 Feb, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34434
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.12%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 16:40
Updated-19 May, 2025 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to the modification or deletion of tables that are required for many of the core functionalities of Cloud Mobility. Exploitation may lead to the compromise of integrity and availability of the normal functionality of the Cloud Mobility application.

Action-Not Available
Vendor-Dell Inc.
Product-cloud_mobility_for_dell_emc_storageCloud Mobility for Dell Storage
CWE ID-CWE-285
Improper Authorization
CVE-2022-34406
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:00
Updated-26 Feb, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34454
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 32.94%
||
7 Day CHG+0.07%
Published-10 Feb, 2023 | 09:48
Updated-24 Mar, 2025 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34411
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:31
Updated-26 Feb, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34421
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:57
Updated-26 Feb, 2025 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34419
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:54
Updated-26 Feb, 2025 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34414
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:37
Updated-26 Feb, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34438
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.36%
||
7 Day CHG~0.00%
Published-21 Oct, 2022 | 18:05
Updated-07 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-34415
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:44
Updated-26 Feb, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34391
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.14%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-16 May, 2025 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_area-51_r4_firmwarealienware_area-51_r5_firmwarealienware_area-51_r5alienware_area-51_r4CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34418
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 11:52
Updated-26 Feb, 2025 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-r750xa_firmwaret430_firmwarer6515_firmwaret350_firmwarefc430_firmwarem630_firmwaret550_firmwarer430nx3330r750xac6420r6515fc430r530_firmwarer930_firmwarer450r650_firmwarer6415t130_firmwarec6520_firmwaret440xe7420m630r640_firmwarer740r550_firmwarec4130_firmwarer830r940xar7515_firmwaret340_firmwarer240_firmwarer630_firmwarenx3230fc640_firmwarem830pr250fc630_firmwarer940xa_firmwarexe2420_firmwarenx3340t640_firmwarer940_firmwarexe7440r230_firmwarem830_firmwarec4140_firmwarec6320_firmwarexr12_firmwarem640pr750fc630r730xd_firmwarer7415r550r6415_firmwarer340xe8545r650nx430_firmwarefc640r630c4130r740xd2_firmwarer7425_firmwarer240c6420_firmwaret330_firmwaremx740cr7425r330_firmwarec6525t140r750xs_firmwarer330nx430r640nx440_firmwaremx840cm630pnx3340_firmwarer750xst630m640c6320r430_firmwarer650xsr350t150_firmwarer750_firmwaret150r6525mx840c_firmwarer740_firmwarer450_firmwarenx3240_firmwarec4140t630_firmwaret340t130t430r440_firmwarer530dss8440_firmwaremx740c_firmwarer250_firmwarer940r340_firmwarer7415_firmwarer840r730nx3240m830m640p_firmwarexe8545_firmwarer440r740xd2r7525_firmwarer6525_firmwarer730xdr540r230mx750c_firmwarer840_firmwarer740xd_firmwarer7525xe2420xr11_firmwaredss8440xr11m630p_firmwarefc830r350_firmwaret550xr12nx3330_firmwaremx750cnx440t640r830_firmwarer540_firmwarem830p_firmwaret350fc830_firmwaret140_firmwarexe7440_firmwarer730_firmwarexr2m640_firmwarer740xdr7515t330c6525_firmwarexe7420_firmwarer650xs_firmwaret440_firmwarexr2_firmwarer930nx3230_firmwarec6520PowerEdge Platform
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 8
  • 9
  • Next
Details not found