Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-32472

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-10 Jul, 2024 | 02:32
Updated At-26 Sep, 2024 | 11:57
Rejected At-
Credits

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:10 Jul, 2024 | 02:32
Updated At:26 Sep, 2024 | 11:57
Rejected At:
▼CVE Numbering Authority (CNA)

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.

Affected Products
Vendor
Dell Inc.Dell
Product
PowerSwitch Z9664F-ON BIOS
Default Status
unaffected
Versions
Affected
  • From N/A before v1.05.10 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787: Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787: Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.15.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Version: 3.1
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Dell Technologies would like to thank the BINARLY efiXplorer team for reporting these issues
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
vendor-advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Dell Inc.dell
Product
powerswitch_z9664f_on-bios
CPEs
  • cpe:2.3:a:dell:powerswitch_z9664f_on-bios:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before v1.05.10 (semver)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
vendor-advisory
x_transferred
Hyperlink: https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
Resource:
vendor-advisory
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:10 Jul, 2024 | 03:15
Updated At:26 Sep, 2024 | 12:15

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.2HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Secondary3.15.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
CPE Matches
Dell Inc.
dell
>>edge_gateway_3200_firmware>>-
cpe:2.3:o:dell:edge_gateway_3200_firmware:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>edge_gateway_3200>>-
cpe:2.3:h:dell:edge_gateway_3200:-:*:*:*:*:*:*:*
Dell Inc.
dell
>>edge_gateway_5200_firmware>>Versions before 1.05.10(exclusive)
cpe:2.3:o:dell:edge_gateway_5200_firmware:*:*:*:*:*:*:*:*
Dell Inc.
dell
>>edge_gateway_5200>>-
cpe:2.3:h:dell:edge_gateway_5200:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarysecurity_alert@emc.com
CWE-787Secondarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: security_alert@emc.com
CWE ID: CWE-787
Type: Secondary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200security_alert@emc.com
Vendor Advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-in/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200
Source: security_alert@emc.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

108Records found
CVE-2023-32466
Matching Score-10
Assigner-Dell
ShareView Details
Matching Score-10
Assigner-Dell
CVSS Score-5.7||MEDIUM
EPSS-0.08% / 24.03%
||
7 Day CHG~0.00%
Published-24 Jul, 2024 | 07:04
Updated-11 Sep, 2024 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege.

Action-Not Available
Vendor-Dell Inc.
Product-edge_gateway_3200edge_gateway_3200_firmwareDell Edge Gateway 3200dell_edge_gateway_3200
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-46756
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.05% / 14.53%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 05:37
Updated-27 Mar, 2025 | 13:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

Action-Not Available
Vendor-Dell Inc.
Product-vxrail_managerVxRail HCI
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2021-36285
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.7||MEDIUM
EPSS-0.05% / 14.46%
||
7 Day CHG~0.00%
Published-28 Sep, 2021 | 19:20
Updated-17 Sep, 2024 | 03:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt mitigations in order to carry out a brute force attack.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_9520latitude_7320_firmwarelatitude_7280_firmwarelatitude_9410latitude_5310_2-in-1precision_3551latitude_7212_rugged_extreme_tablet_firmwarelatitude_7212_rugged_extreme_tabletlatitude_7420latitude_7480precision_3640_tower_firmwarelatitude_5500_firmwarelatitude_5511_firmwareoptiplex_3280_aio_firmwarelatitude_5310_2-in-1_firmwarelatitude_5520latitude_5411_firmwarelatitude_5500optiplex_3080_firmwarelatitude_7370latitude_7370_firmwareoptiplex_7480_aiolatitude_7420_firmwarelatitude_5400_firmwarelatitude_7480_firmwarelatitude_5320_firmwarelatitude_5511optiplex_3080latitude_9510precision_3551_ffirmwareoptiplex_7480_aio_firmwarelatitude_5320latitude_9410_firmwarelatitude_9520_firmwarelatitude_9510_firmwareoptiplex_3280_aiolatitude_5411latitude_5520_firmwareprecision_3640_towerlatitude_7280latitude_7320latitude_5400CPG BIOS
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2021-36284
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.7||MEDIUM
EPSS-0.05% / 14.46%
||
7 Day CHG~0.00%
Published-28 Sep, 2021 | 19:20
Updated-17 Sep, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mitigations in order to carry out a brute force attack.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_9520latitude_7320_firmwarelatitude_7280_firmwarelatitude_9410latitude_5310_2-in-1precision_3551latitude_7212_rugged_extreme_tablet_firmwarelatitude_7212_rugged_extreme_tabletlatitude_7420latitude_7480precision_3640_tower_firmwarelatitude_5500_firmwarelatitude_5511_firmwareoptiplex_3280_aio_firmwarelatitude_5310_2-in-1_firmwarelatitude_5520latitude_5411_firmwarelatitude_5500optiplex_3080_firmwarelatitude_7370latitude_7370_firmwareoptiplex_7480_aiolatitude_7420_firmwarelatitude_5400_firmwarelatitude_7480_firmwarelatitude_5320_firmwarelatitude_5511optiplex_3080latitude_9510precision_3551_ffirmwareoptiplex_7480_aio_firmwarelatitude_5320latitude_9410_firmwarelatitude_9520_firmwarelatitude_9510_firmwareoptiplex_3280_aiolatitude_5411latitude_5520_firmwareprecision_3640_towerlatitude_7280latitude_7320latitude_5400CPG BIOS
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2025-36600
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.02% / 2.37%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 14:17
Updated-18 Aug, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_12_rugged_extreme_7214_firmwarelatitude_12_rugged_extreme_7214Client Platform BIOS
CWE ID-CWE-1257
Improper Access Control Applied to Mirrored or Aliased Memory Regions
CVE-2021-21522
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 12.09%
||
7 Day CHG~0.00%
Published-28 Sep, 2021 | 19:20
Updated-17 Sep, 2024 | 03:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5290_2-in-1latitude_7210_2-in-1_firmwarelatitude_7280_firmwarelatitude_9410xps_13_9360latitude_5310_2-in-1latitude_7290xps_13_9360_firmwarelatitude_7389latitude_7212_rugged_extreme_tablet_firmwarelatitude_7212_rugged_extreme_tabletlatitude_7490_firmwarelatitude_7420latitude_7480precision_3640_tower_firmwarelatitude_7390_firmwarelatitude_5285_2-in-1precision_5520latitude_5310_2-in-1_firmwarelatitude_7380_firmwarelatitude_7370latitude_7370_firmwarexps_13_9370latitude_7390_2-in-1_firmwareprecision_5510_firmwarelatitude_7285latitude_7390latitude_5289_2-in-1latitude_7420_firmwarelatitude_7480_firmwarelatitude_7290_firmwarelatitude_5289_2-in-1_firmwarelatitude_7210_2-in-1latitude_7310_firmwarelatitude_7390_2-in-1precision_5530_2-in-1precision_5530_2-in-1_firmwarelatitude_5285_2-in-1_firmwarexps_15_9575_2-in-1_firmwarelatitude_9510latitude_5290_2-in-1_firmwareprecision_5510latitude_7380latitude_7490latitude_7389_firmwarelatitude_9410_firmwarelatitude_7410precision_5520_firmwarelatitude_9510_firmwarelatitude_7310xps_15_9575_2-in-1precision_3640_towerlatitude_7285_firmwarexps_13_9370_firmwarelatitude_7280latitude_7410_firmwareCPG BIOS
CWE ID-CWE-255
Not Available
CVE-2021-21558
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.06% / 18.86%
||
7 Day CHG~0.00%
Published-08 Jun, 2021 | 18:05
Updated-16 Sep, 2024 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain.

Action-Not Available
Vendor-Dell Inc.
Product-emc_networkerNetWorker
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2022-34383
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.1||HIGH
EPSS-0.04% / 13.11%
||
7 Day CHG~0.00%
Published-31 Aug, 2022 | 20:05
Updated-16 Sep, 2024 | 23:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-edge_gateway_5200edge_gateway_5200_firmwareEdge Gateway 5200
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-34380
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-9.3||CRITICAL
EPSS-0.01% / 0.63%
||
7 Day CHG~0.00%
Published-01 Sep, 2022 | 18:45
Updated-16 Sep, 2024 | 23:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical severity vulnerability as it allows attacker to take control of the system.

Action-Not Available
Vendor-Dell Inc.
Product-cloudlinkCloudLink
CWE ID-CWE-287
Improper Authentication
CVE-2024-52541
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.05% / 14.72%
||
7 Day CHG~0.00%
Published-19 Feb, 2025 | 16:46
Updated-19 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Action-Not Available
Vendor-Dell Inc.
Product-Dell Client Platform BIOS
CWE ID-CWE-1390
Weak Authentication
CVE-2023-32467
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-5.7||MEDIUM
EPSS-0.06% / 17.63%
||
7 Day CHG~0.00%
Published-10 Jul, 2024 | 02:39
Updated-10 Sep, 2024 | 20:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege.

Action-Not Available
Vendor-Dell Inc.
Product-edge_gateway_5200edge_gateway_5000_firmwarechengming_3977_firmwarexps_13_9350_firmwarexps_13_9350edge_gateway_3200edge_gateway_3200_firmwarechengming_3977edge_gateway_5100_firmwareedge_gateway_5100edge_gateway_5000edge_gateway_5200_firmwarePowerSwitch Z9664F-ON BIOS
CWE ID-CWE-665
Improper Initialization
CVE-2022-32488
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.02% / 4.26%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28073
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.01% / 0.84%
||
7 Day CHG~0.00%
Published-23 Jun, 2023 | 10:42
Updated-04 Dec, 2024 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5530precision_3570_firmwarelatitude_5530_firmwareprecision_3570CPG BIOS
CWE ID-CWE-287
Improper Authentication
CVE-2023-48668
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 9.41%
||
7 Day CHG~0.00%
Published-14 Dec, 2023 | 15:45
Updated-02 Aug, 2024 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 on DDMC contain an OS command injection vulnerability in an admin operation. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the managed system application's underlying OS with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker on a managed system of DDMC.

Action-Not Available
Vendor-Dell Inc.
Product-powerprotect_data_domain_management_center PowerProtect DD
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-24421
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.35%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-17 Sep, 2024 | 03:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24419
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.35%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-16 Sep, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-23693
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.83%
||
7 Day CHG~0.00%
Published-23 May, 2023 | 06:02
Updated-17 Jan, 2025 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VxRail, versions prior to 7.0.450, contains an OS command injection Vulnerability in DCManager command-line utility. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

Action-Not Available
Vendor-Dell Inc.
Product-vxrail_hyperconverged_infrastructureDell VxRail HCI
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-24416
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.11% / 29.98%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-16 Sep, 2024 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24420
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.35%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-17 Sep, 2024 | 00:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24415
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.35%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-17 Sep, 2024 | 02:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-43587
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.03% / 8.03%
||
7 Day CHG~0.00%
Published-21 Dec, 2021 | 17:05
Updated-17 Sep, 2024 | 03:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges.

Action-Not Available
Vendor-Dell Inc.
Product-powerpath_management_appliancePowerPath Management Appliance
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2019-3767
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.08%
||
7 Day CHG~0.00%
Published-14 Oct, 2019 | 17:10
Updated-17 Sep, 2024 | 01:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell ImageAssist stores some sensitive encrypted information in the images it creates. A privileged user of a system running an operating system that was deployed with Dell ImageAssist could potentially retrieve this sensitive information to then compromise the system and related systems.

Action-Not Available
Vendor-Dell Inc.
Product-imageassistImageAssist
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-32859
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 12:39
Updated-19 Sep, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_x17_r1alienware_m17_r4_firmwarealienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960xps_8950alienware_x15_r1_firmwarealienware_x15_r1xps_8960_firmwarealienware_aurora_ryzen_edition_r14inspiron_3502_firmwarealienware_aurora_r13inspiron_15_3521_firmwareinspiron_15_3510alienware_m17_r4alienware_aurora_r12_firmwarealienware_area_51m_r2xps_8950_firmwarealienware_x17_r1_firmwarealienware_aurora_r10alienware_x14_firmwarealienware_m15_r3_firmwarealienware_aurora_r10_firmwarealienware_m17_r3_firmwarealienware_x17_r2_firmwarealienware_m15_r4alienware_x14inspiron_3502inspiron_15_3521alienware_m15_r3alienware_aurora_r15_amdalienware_aurora_r11_firmwarealienware_aurora_r11alienware_aurora_r15aurora_r16alienware_aurora_r12inspiron_15_3510_firmwarealienware_aurora_r15_firmwareaurora_r16_firmwareCPG BIOSalienware_aurora_r11_firmwarealienware_aurora_r13_firmwarealienware_aurora_r12_firmwarexps_8950_firmwarexps_8960_firmwarealienware_aurora_r15_amd_firmwareinspiron_3502_firmwarealienware_aurora_r15_firmwarealienware_aurora_r14_ryzen_edition_firmwarealienware_aurora_r16_firmwarealienware_aurora_r10_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32858
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 12:48
Updated-24 Sep, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_x17_r1alienware_m17_r4_firmwarealienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960xps_8950alienware_x15_r1_firmwarealienware_x15_r1xps_8960_firmwarealienware_aurora_ryzen_edition_r14inspiron_3502_firmwarealienware_aurora_r13inspiron_15_3521_firmwareinspiron_15_3510alienware_m17_r4alienware_aurora_r12_firmwarealienware_area_51m_r2xps_8950_firmwarealienware_x17_r1_firmwarealienware_aurora_r10alienware_x14_firmwarealienware_m15_r3_firmwarealienware_aurora_r10_firmwarealienware_m17_r3_firmwarealienware_x17_r2_firmwarealienware_m15_r4alienware_x14inspiron_3502inspiron_15_3521alienware_m15_r3alienware_aurora_r15_amdalienware_aurora_r11_firmwarealienware_aurora_r11alienware_aurora_r15aurora_r16alienware_aurora_r12inspiron_15_3510_firmwarealienware_aurora_r15_firmwareaurora_r16_firmwareCPG BIOSalienware_aurora_r11_firmwarealienware_aurora_r13_firmwarealienware_aurora_r12_firmwarexps_8950_firmwarexps_8960_firmwarealienware_aurora_r15_amd_firmwareinspiron_3502_firmwarealienware_aurora_r15_firmwarealienware_aurora_r14_ryzen_edition_firmwarealienware_aurora_r16_firmwarealienware_aurora_r10_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-39584
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.03% / 7.07%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 05:46
Updated-20 Dec, 2024 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_x17_r1alienware_m17_r4_firmwarealienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960xps_8950alienware_x15_r1_firmwarealienware_x15_r1xps_8960_firmwarealienware_aurora_ryzen_edition_r14inspiron_3502_firmwarealienware_aurora_r13inspiron_15_3521_firmwareinspiron_15_3510alienware_m17_r4alienware_area_51m_r2xps_8950_firmwarealienware_x17_r1_firmwarealienware_x14_firmwarealienware_m15_r3_firmwarealienware_m17_r3_firmwarealienware_x17_r2_firmwarealienware_m15_r4alienware_x14inspiron_3502inspiron_15_3521alienware_m15_r3alienware_aurora_r15_amdalienware_aurora_r15aurora_r16inspiron_15_3510_firmwarealienware_aurora_r15_firmwareaurora_r16_firmwareDell Client Platform BIOSalienware_x15_r1_firmwarealienware_aurora_r15_amd_firmwarealienware_m17_r3_firmwarealienware_x14_firmware
CWE ID-CWE-1392
Use of Default Credentials
CVE-2022-32489
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.06% / 17.44%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32860
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 13:00
Updated-16 Aug, 2024 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_x15_r2_firmwarealienware_aurora_r13_firmwarealienware_x17_r2alienware_m17_r4_firmwarealienware_x17_r1alienware_x15_r2alienware_m17_r3alienware_aurora_r15_amd_firmwarealienware_area_51m_r2_firmwarealienware_aurora_ryzen_edition_r14_firmwarexps_8960inspiron_15_352_firmwarexps_8950alienware_x15_r1_firmwareinspiron_15_352alienware_x15_r1alienware_aurora_ryzen_edition_r14xps_8960_firmwareinspiron_3502_firmwarealienware_aurora_r13inspiron_15_3510alienware_m17_r4alienware_aurora_r12_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarexps_8950_firmwarealienware_x14_firmwarealienware_m15_r3_firmwarealienware_m17_r3_firmwarealienware_aurora_r11_firmwarealienware_aurora_r15_amdalienware_m15_r3alienware_m15_r4alienware_x14alienware_x17_r2_firmwareinspiron_3502inspiron_15_3510_firmwarealienware_aurora_r15alienware_aurora_r12aurora_r16alienware_aurora_r11alienware_aurora_r15_firmwareaurora_r16_firmwareCPG BIOScpg_bios
CWE ID-CWE-20
Improper Input Validation
CVE-2024-37144
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.03% / 7.22%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 02:11
Updated-10 Dec, 2024 | 21:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior to 1.2.0.0 contain an Insecure Storage of Sensitive Information vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to use information disclosed to gain unauthorized access to pods within the cluster.

Action-Not Available
Vendor-Dell Inc.
Product-Dell Data LakehouseDell PowerFlex rackDell PowerFlex applianceDell PowerFlex custom nodeDell InsightIQ
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2024-25948
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 5.89%
||
7 Day CHG~0.00%
Published-01 Aug, 2024 | 07:09
Updated-02 Aug, 2024 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module version 5.3.0.0 and prior, contain a Out of bound Write Vulnerability. A privileged local attacker could execute arbitrary code potentially resulting in a denial of service event.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac_service_moduleiDRAC Service Module (iSM)emc_idrac_service_module
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-25942
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 7.79%
||
7 Day CHG~0.00%
Published-19 Mar, 2024 | 07:52
Updated-04 Feb, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-xc730xd_firmwarenx3230_firmwarepoweredge_fc430_firmwarexc430_firmwarepoweredge_r730xdpoweredge_r530poweredge_r630poweredge_r630_firmwarepoweredge_m830_\(pe_vrtx\)poweredge_r730xd_firmwarepoweredge_t630_firmwarepoweredge_c6320_firmwarepoweredge_fc630_firmwarepoweredge_fc430poweredge_m630xc6320_firmwarexc730_firmwarepoweredge_m830_firmwarepoweredge_t430poweredge_r730poweredge_fc630nx3230poweredge_r930_firmwarepoweredge_m630_\(pe_vrtx\)_firmwarenx3330poweredge_r830_firmwarepoweredge_r430_firmwarepoweredge_fc830poweredge_m830_\(pe_vrtx\)_firmwarenx3330_firmwarepoweredge_c4130poweredge_r830xc430poweredge_fc830_firmwarexc6320poweredge_c6320poweredge_r730_firmwarexc730xc730xdpoweredge_c4130_firmwarepoweredge_t430_firmwarepoweredge_r530_firmwarepoweredge_t630xc630_firmwarepoweredge_r430poweredge_m830xc630poweredge_m630_\(pe_vrtx\)poweredge_r930poweredge_m630_firmwarePowerEdge Platform
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-25947
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 5.89%
||
7 Day CHG~0.00%
Published-01 Aug, 2024 | 07:04
Updated-02 Aug, 2024 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module version 5.3.0.0 and prior, contain an Out of bound Read Vulnerability. A privileged local attacker could execute arbitrary code potentially resulting in a denial of service event.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac_service_moduleiDRAC Service Module (iSM)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-22453
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.03% / 5.59%
||
7 Day CHG~0.00%
Published-19 Mar, 2024 | 07:42
Updated-04 Feb, 2025 | 17:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory.

Action-Not Available
Vendor-Dell Inc.
Product-xc730xd_firmwarenx3230_firmwarepoweredge_fc430_firmwarexc430_firmwarepoweredge_r730xdpoweredge_r530poweredge_r630poweredge_r630_firmwarepoweredge_m830_\(pe_vrtx\)poweredge_r730xd_firmwarepoweredge_t630_firmwarepoweredge_c6320_firmwarepoweredge_fc630_firmwarepoweredge_fc430poweredge_m630xc6320_firmwarexc730_firmwarepoweredge_m830_firmwarepoweredge_t430poweredge_r730poweredge_fc630nx3230poweredge_r930_firmwarepoweredge_m630_\(pe_vrtx\)_firmwarenx3330poweredge_r830_firmwarepoweredge_r430_firmwarepoweredge_fc830poweredge_m830_\(pe_vrtx\)_firmwarenx3330_firmwarepoweredge_c4130poweredge_r830xc430poweredge_fc830_firmwarexc6320poweredge_c6320poweredge_r730_firmwarexc730xc730xdpoweredge_c4130_firmwarepoweredge_t430_firmwarepoweredge_r530_firmwarepoweredge_t630xc630_firmwarepoweredge_r430poweredge_m830xc630poweredge_m630_\(pe_vrtx\)poweredge_r930poweredge_m630_firmwarePowerEdge Platform
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-22448
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-4.7||MEDIUM
EPSS-0.04% / 11.06%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 07:30
Updated-04 Feb, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-g5_5500latitude_5511_firmwarelatitude_9510_2in1_firmwareprecision_7750_firmwarexps_9315_2-in-1latitude_5411_firmwareprecision_3450latitude_9410_firmwarelatitude_5420precision_3460_small_form_factorinspiron_5502inspiron_15_3511latitude_5430_rugged_laptop_firmwareoptiplex_5080_firmwarechengming_3990_firmwareinspiron_5406_2-in-1optiplex_3280_all-in-oneprecision_5550latitude_5340_firmwareoptiplex_7000_micro_firmwarevostro_14_3420latitude_3410xps_17_9730_firmwareinspiron_16_7640_2-in-1inspiron_14_5410_firmwareprecision_3550latitude_9420precision_3460_xe_small_form_factor_firmwareinspiron_13_5330latitude_5521optiplex_small_form_factor_7010precision_5570_firmwarexps_13_9310latitude_7430latitude_5531_firmwarealienware_x16_r2_firmwarexps_15_9500_firmwarelatitude_3140latitude_9510_2in1precision_5770_firmwareinspiron_3891_firmwarevostro_15_3520precision_3660_firmwarelatitude_3530optiplex_3000_toweroptiplex_3000_tower_firmwareinspiron_14_plus_7420_firmwareprecision_5570latitude_5530latitude_5430_rugged_laptopprecision_5470latitude_3320_firmwareoptiplex_5080latitude_7410_firmwareprecision_7780vostro_3400_firmwarealienware_m18_r1optiplex_3090_ultra_firmwareinspiron_7306_2-in-1_firmwareinspiron_7506_2-in-1_firmwarevostro_3400alienware_m18_r2_firmwarexps_13_9310_firmwareoptiplex_3090xps_15_9520_firmwareprecision_3551_firmwarelatitude_9520vostro_15_5510latitude_5520_firmwarelatitude_7440_firmwareg16_7630vostro_15_7510_firmwarevostro_3910_firmwarelatitude_7340xps_15_9510_firmwareinspiron_15_3511_firmwareoptiplex_5090_towerlatitude_7030_rugged_extremevostro_3888inspiron_5402_firmwareprecision_3440xps_17_9720inspiron_3881_firmwareinspiron_27_7710_all-in-oneoptiplex_micro_7010precision_7670vostro_7500_firmwareinspiron_7300xps_13_9310_2-in-1optiplex_7490_all-in-oneprecision_3460_xe_small_form_factorinspiron_5502_firmwareg15_5530_firmwarevostro_5502_firmwarelatitude_7310_firmwareprecision_7760precision_7760_firmwareinspiron_13_5320_firmwarealienware_m16_r1optiplex_micro_7010_firmwareoptiplex_tower_7010_firmwareinspiron_3020_desktop_firmwarevostro_7620_firmwareinspiron_5400latitude_5421_firmwareinspiron_5409g15_5520_firmwarexps_13_9340_firmwareinspiron_5401_aio_firmwarealienware_m18_r1_firmwareinspiron_5401latitude_7420inspiron_15_5518latitude_9440_2-in-1_firmwarexps_15_9510optiplex_7400_all-in-one_firmwarelatitude_5330chengming_3900precision_3640latitude_7330_firmwareinspiron_3020_desktopinspiron_15_5518_firmwareprecision_3240_compactoptiplex_7490_all-in-one_firmwareinspiron_13_5320vostro_3881g15_5511_firmwareprecision_7670_firmwarevostro_3710_firmwareoptiplex_3000_small_form_factorprecision_7560optiplex_3090_ultraalienware_m18_r2latitude_9330_firmwareinspiron_16_7610_firmwarelatitude_7310xps_17_9700_firmwareinspiron_7400latitude_7320_detachableinspiron_16_7620_2-in-1inspiron_5410_firmwarelatitude_7330inspiron_5509_firmwareinspiron_7300_firmwarevostro_5402latitude_3550_firmwarelatitude_7030_rugged_extreme_firmwareprecision_7550_firmwarelatitude_7530vostro_14_5410g16_7620latitude_3550chengming_3911_firmwarealienware_m15_r7_firmwareg7_7700chengming_3900_firmwareinspiron_5410inspiron_5402latitude_5421inspiron_14_5418_firmwareinspiron_14_plus_7440_firmwareinspiron_3891precision_3480latitude_7520inspiron_14_7420_2-in-1_firmwarelatitude_5320precision_7550inspiron_5301vostro_5890inspiron_3910vostro_3500_firmwarevostro_5320latitude_7340_firmwarevostro_14_3430optiplex_5090_small_form_factorinspiron_3030slatitude_9330vostro_14_3440g7_7500latitude_3510_firmwarelatitude_3510inspiron_27_7720_all-in-one_firmwarelatitude_9440_2-in-1optiplex_all-in-one_7410vostro_3690vostro_14_5410_firmwarexps_15_9500inspiron_3020_small_desktop_firmwareoptiplex_micro_plus_7010_firmwareprecision_3581latitude_3140_firmwareg3_3500inspiron_3030s_firmwareprecision_3470_firmwareoptiplex_7000_towervostro_14_3430_firmwarealienware_m15_r7vostro_3888_firmwareoptiplex_7000_tower_firmwarexps_13_9315_firmwarexps_14_9440_firmwareinspiron_7500_firmwareoptiplex_5400_all-in-one_firmwarechengming_3911vostro_15_5510_firmwarevostro_3710inspiron_7306_2-in-1latitude_5540_firmwareprecision_5480_firmwareoptiplex_tower_plus_7010g15_5510latitude_7440latitude_9420_firmwareinspiron_14_5410precision_3470precision_7770_firmwareinspiron_14_7430_2-in-1precision_3551inspiron_14_5420precision_7680precision_5560_firmwareoptiplex_5490_all-in-onelatitude_7330_rugged_laptop_firmwarevostro_3020_tower_desktopoptiplex_5000_tower_firmwareinspiron_15_3530inspiron_16_7610latitude_5410_firmwarealienware_x16_r1inspiron_7700_all-in-one_firmwareoptiplex_7000_xe_microinspiron_27_7710_all-in-one_firmwareprecision_5470_firmwareprecision_7960_towerlatitude_9410inspiron_16_5620_firmwareg7_7700_firmwarevostro_16_5630g7_7500_firmwarelatitude_3340_firmwareinspiron_13_5330_firmwarevostro_15_7510inspiron_7501_firmwareoptiplex_5090_tower_firmwareinspiron_14_5440inspiron_14_plus_7430_firmwareprecision_5860_tower_firmwareoptiplex_3280_all-in-one_firmwarelatitude_5521_firmwareoptiplex_3000_microinspiron_7500optiplex_all-in-one_7410_firmwarexps_17_9720_firmwarevostro_13_5310_firmwarelatitude_3450_firmwareprecision_5760_firmwarealienware_m15_r6_firmwarechengming_3910_firmwareinspiron_16_plus_7620_firmwareoptiplex_5090_small_form_factor_firmwareoptiplex_7080latitude_3120precision_7865_tower_firmwareprecision_3550_firmwarelatitude_3430_firmwareinspiron_14_5418inspiron_15_5510vostro_5301_firmwarevostro_15_3530inspiron_14_7440_2-in-1optiplex_micro_plus_7010precision_5560precision_5680vostro_7500g16_7630_firmwareoptiplex_5000_towerinspiron_24_5420_all-in-oneoptiplex_7000_xe_micro_firmwareprecision_5770inspiron_15_3530_firmwareinspiron_14_7430_2-in-1_firmwareoptiplex_5090_micro_firmwareprecision_5860_towerinspiron_14_5430_firmwareoptiplex_small_form_factor_plus_7010_firmwareinspiron_3910_firmwarelatitude_5330_firmwareoptiplex_5480_all-in-one_firmwareg15_5530optiplex_xe4_tower_firmwarelatitude_7320alienware_m15_r6xps_13_plus_9320inspiron_13_5310_firmwareprecision_3560_firmwareprecision_3581_firmwarexps_15_9520latitude_3450xps_17_9710_firmwarexps_15_9530_firmwareprecision_7960_tower_firmwareprecision_3561_firmwareprecision_3440_firmwareprecision_7875_towerprecision_3450_firmwareprecision_3260_xe_compactvostro_3020_tower_desktop_firmwarelatitude_3120_firmwareinspiron_5509xps_13_plus_9320_firmwareoptiplex_3000_micro_firmwareoptiplex_7090_ultra_firmwarevostro_5620_firmwareinspiron_15_7510alienware_x14_r2vostro_3030sxps_13_9310_2-in-1_firmwareprecision_3650_toweroptiplex_3000_thin_clientprecision_3260_compactprecision_7875_tower_firmwarelatitude_5340precision_3260_compact_firmwarevostro_5880optiplex_5000_micro_firmwareinspiron_27_7720_all-in-oneinspiron_7700_all-in-oneinspiron_3020_small_desktopinspiron_14_7440_2-in-1_firmwareinspiron_5401_firmwarevostro_5320_firmwarelatitude_5310_2-in-1inspiron_16_5640_firmwareprecision_3640_firmwarevostro_3890chengming_3991optiplex_3080_firmwareinspiron_3501optiplex_xe4_towerinspiron_3880_firmwareinspiron_5401_aioinspiron_16_5640latitude_5411latitude_5430latitude_7210_2-in-1inspiron_14_5430latitude_7320_detachable_firmwarexps_17_9730optiplex_5490_all-in-one_firmwarelatitude_7420_firmwarelatitude_5510_firmwareinspiron_24_5420_all-in-one_firmwarexps_13_9340inspiron_16_7620_2-in-1_firmwareinspiron_16_5630g16_7620_firmwareprecision_5480latitude_7230_rugged_extreme_firmwarevostro_3690_firmwareprecision_3571precision_7865_towerprecision_7560_firmwareprecision_5750_firmwarelatitude_3530_firmwareoptiplex_7000_microxps_13_9305latitude_7530_firmwarevostro_15_3530_firmwareinspiron_14_7420_2-in-1latitude_5510latitude_5310_2-in-1_firmwareoptiplex_7400_all-in-oneinspiron_15_7510_firmwareinspiron_16_plus_7640latitude_5320_firmwareprecision_5750inspiron_14_5440_firmwarelatitude_3520_firmwareinspiron_14_plus_7430vostro_3881_firmwareinspiron_7706_2-in-1optiplex_3000_small_form_factor_firmwareprecision_3561latitude_5530_firmwarelatitude_5511precision_3260_xe_compact_firmwareprecision_7780_firmwarevostro_5301precision_5680_firmwarevostro_15_3510_firmwarevostro_5880_firmwareprecision_5550_firmwareoptiplex_7780_all-in-one_firmwareinspiron_16_plus_7630_firmwarealienware_x16_r1_firmwareoptiplex_5000_small_form_factor_firmwareoptiplex_7090_tower_firmwareoptiplex_7480_all-in-onelatitude_9430_firmwarelatitude_3540_firmwareprecision_3571_firmwarexps_14_9440latitude_9430inspiron_7706_2-in-1_firmwareg5_5500_firmwarevostro_15_3520_firmwarechengming_3910inspiron_16_7630_2-in-1optiplex_5000_microlatitude_3440_firmwareoptiplex_7000_small_form_factorinspiron_5409_firmwarevostro_14_3440_firmwareinspiron_7400_firmwareinspiron_14_5420_firmwarelatitude_7320_firmwareprecision_3240_compact_firmwareoptiplex_3080optiplex_small_form_factor_7010_firmwarevostro_3890_firmwareprecision_5760latitude_3420optiplex_7000_small_form_factor_firmwarechengming_3991_firmwareoptiplex_7090_ultraprecision_3560latitude_3330_firmwareoptiplex_7080_firmwareg15_5520latitude_3440latitude_5440_firmwarevostro_3910vostro_5620inspiron_16_plus_7620inspiron_3880inspiron_7506_2-in-1inspiron_5400_firmwareinspiron_16_5630_firmwarexps_13_9315inspiron_15_5510_firmwareprecision_3580_firmwareprecision_3660latitude_3330latitude_7640_firmwarelatitude_3340latitude_5430_firmwarexps_13_9305_firmwarelatitude_3320inspiron_14_plus_7440vostro_5402_firmwareprecision_7680_firmwarevostro_13_5310latitude_5420_firmwareinspiron_7501alienware_x16_r2optiplex_tower_plus_7010_firmwarevostro_3500precision_7750latitude_7330_rugged_laptopvostro_16_5640vostro_7620precision_3480_firmwarelatitude_5531chengming_3990inspiron_14_plus_7420xps_9315_2-in-1_firmwareoptiplex_5400_all-in-oneinspiron_15_3520_firmwarelatitude_3410_firmwarevostro_14_3420_firmwareinspiron_5301_firmwareinspiron_16_plus_7640_firmwareinspiron_3881precision_3570inspiron_16_5620latitude_5410latitude_5440inspiron_24_5410_all-in-one_firmwareoptiplex_5000_small_form_factoralienware_x14_r2_firmwareoptiplex_3090_firmwarelatitude_9520_firmwarelatitude_3420_firmwareoptiplex_5090_microinspiron_5406_2-in-1_firmwarevostro_3681vostro_15_3510inspiron_16_plus_7630optiplex_5480_all-in-onevostro_16_5640_firmwarelatitude_5540vostro_5890_firmwarelatitude_7520_firmwarevostro_3030s_firmwarelatitude_7640precision_3580xps_17_9700precision_3650_tower_firmwareg15_5510_firmwarealienware_m16_r1_firmwarelatitude_3540latitude_5520latitude_5431_firmwarelatitude_7230_rugged_extremelatitude_7210_2-in-1_firmwarelatitude_5431g15_5511inspiron_13_5310inspiron_24_5411_all-in-onexps_15_9530latitude_5310precision_7770g3_3500_firmwarevostro_16_5630_firmwarelatitude_3520inspiron_24_5411_all-in-one_firmwarevostro_3681_firmwareoptiplex_7090_toweroptiplex_3000_thin_client_firmwarevostro_5502inspiron_16_7640_2-in-1_firmwareinspiron_3501_firmwarelatitude_7430_firmwareoptiplex_7480_all-in-one_firmwarexps_17_9710inspiron_24_5410_all-in-oneoptiplex_7780_all-in-oneoptiplex_small_form_factor_plus_7010latitude_3430latitude_7410latitude_5310_firmwareprecision_3460_small_form_factor_firmwareinspiron_15_3520inspiron_16_7630_2-in-1_firmwareoptiplex_tower_7010precision_3570_firmwareCPG BIOSlatitude_5340xps_17_9730latitude_9330precision_3660inspiron_5509vostro_15_3530g7_7700vostro_5502g5_5500latitude_9440_2in1inspiron_13_5330inspiron_5402inspiron_3030slatitude_5310latitude_9430inspiron_7700_aiolatitude_7420optiplex_micro_7010optiplex_tower_7010g7_7500inspiron_5409g16_7620inspiron_5400g15_5530alienware_15_r6precision_3580precision_5770latitude_7340optiplex_small_form_factor_7010latitude_9420vostro_5301alienware_16_r1latitude_5531alienware_18_r1precision_3440inspiron_5502precision_3581vostro_5402latitude_5540alienware_14_r2vostro_5880xps_17_9700inspiron_15_3530xps_9315_2in1inspiron_7400precision_5750latitude_5310_2_in_1inspiron_7300g3_3500latitude_7520precision_5570latitude_5330precision_3571inspiron_5401vostro_3030sg15_5511inspiron_5301latitude_7320vostro_14_3430
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36301
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.9||MEDIUM
EPSS-13.33% / 93.90%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 20:00
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac8_firmwareemc_idrac9_firmwareIntegrated Dell Remote Access Controller (iDRAC)
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36347
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.2||MEDIUM
EPSS-1.77% / 81.90%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 22:15
Updated-16 Sep, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system.

Action-Not Available
Vendor-Dell Inc.
Product-integrated_dell_remote_access_controller_9integrated_dell_remote_access_controller_8_firmwareintegrated_dell_remote_access_controller_8integrated_dell_remote_access_controller_9_firmwareIntegrated Dell Remote Access Controller (iDRAC)
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0162
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 23.05%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:18
Updated-04 Feb, 2025 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_c6520_firmwarepoweredge_r660xs_firmwarepoweredge_xr11_firmwarepoweredge_r6615_firmwarepoweredge_t560_firmwarepoweredge_r760xd2_firmwarepoweredge_r6525_firmwarepoweredge_r960poweredge_hs5610emc_xc_core_xc7525xc_core_xc7625poweredge_mx750cpoweredge_xr11poweredge_c6520emc_xc_core_xc750_firmwarepoweredge_r350poweredge_r7515_firmwarepoweredge_xe9680poweredge_xe8640_firmwarepoweredge_xr8610t_firmwarepoweredge_t550poweredge_c6525poweredge_xe8545_firmwarepoweredge_r860poweredge_xr5610_firmwareemc_xc_core_xc750xa_firmwarepoweredge_r6515_firmwarepoweredge_r760xapoweredge_r860_firmwarepoweredge_r6625_firmwarepoweredge_t150_firmwarepoweredge_r250emc_xc_core_xc7525_firmwareemc_xc_core_xc750emc_xc_core_xc750xapoweredge_r760poweredge_xr12poweredge_r7615_firmwarepoweredge_xr8620temc_xc_core_xc450_firmwarepoweredge_xr8620t_firmwarepoweredge_r760xs_firmwarepoweredge_xr12_firmwarepoweredge_r6515emc_xc_core_xc650_firmwarepoweredge_t150poweredge_t560poweredge_xe8545poweredge_r650_firmwarepoweredge_xe9680_firmwarepoweredge_r760xd2poweredge_r760xspoweredge_xr8610tpoweredge_r350_firmwareemc_xc_core_xc650poweredge_r7625_firmwarexc_core_xc760poweredge_r7515emc_xc_core_xc450poweredge_r660xspoweredge_r550_firmwarepoweredge_c6620_firmwarepoweredge_xr7620_firmwarexc_core_xc660poweredge_c6525_firmwarexc_core_xc760_firmwarepoweredge_xe8640poweredge_r960_firmwarepoweredge_xe9640poweredge_r650xspoweredge_r6525emc_xc_core_xc6520_firmwarepoweredge_r750xapoweredge_t350poweredge_mx750c_firmwarepoweredge_r760_firmwarepoweredge_r250_firmwarepoweredge_c6620poweredge_r7525_firmwarepoweredge_xr4510c_firmwareemc_xc_core_xc6520poweredge_r750xa_firmwarepoweredge_r660poweredge_r450_firmwarepoweredge_xr7620poweredge_r7615poweredge_xe9640_firmwarepoweredge_r750xspoweredge_r650poweredge_xr4510cpoweredge_r7525poweredge_r760xa_firmwarepoweredge_r750xs_firmwarepoweredge_r660_firmwarepoweredge_t350_firmwarepoweredge_hs5610_firmwarepoweredge_r750poweredge_r650xs_firmwarepoweredge_xr4520c_firmwarepoweredge_r7625poweredge_c6615poweredge_r750_firmwarepoweredge_hs5620_firmwarexc_core_xc7625_firmwarepoweredge_mx760cpoweredge_mx760c_firmwarepoweredge_xr5610poweredge_r6625poweredge_r450xc_core_xc660_firmwarepoweredge_r6615poweredge_r550poweredge_t550_firmwarepoweredge_hs5620poweredge_xr4520cpoweredge_c6615_firmwarePowerEdge BIOS Intel 16G
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-44305
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.1||HIGH
EPSS-5.16% / 89.50%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 08:25
Updated-02 Aug, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.

Action-Not Available
Vendor-Dell Inc.
Product-dm5500_firmwaredm5500Dell PowerProtect Data Manager DM5500 Appliance
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-30102
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 3.23%
||
7 Day CHG~0.00%
Published-08 May, 2025 | 17:40
Updated-16 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-26479
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-3.1||LOW
EPSS-0.06% / 17.03%
||
7 Day CHG~0.00%
Published-10 Apr, 2025 | 02:32
Updated-15 Jul, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-26336
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.3||HIGH
EPSS-0.06% / 19.10%
||
7 Day CHG~0.00%
Published-21 Mar, 2025 | 02:23
Updated-27 Mar, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.

Action-Not Available
Vendor-Dell Inc.
Product-chassis_management_controller_for_poweredge_fx2chassis_management_controller_for_poweredge_vrtx_firmwarechassis_management_controller_for_poweredge_fx2_firmwarechassis_management_controller_for_poweredge_vrtxDell Chassis Management Controller (CMC) for PowerEdge VRTXDell Chassis Management Controller (CMC) for Dell PowerEdge FX2
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-25050
Matching Score-6
Assigner-Talos
ShareView Details
Matching Score-6
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.02% / 3.36%
||
7 Day CHG~0.00%
Published-13 Jun, 2025 | 21:03
Updated-17 Jun, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dell ControlVault3/ControlVault3 Plus cv_upgrade_sensor_firmware out-of-bounds write vulnerability

An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an out-of-bounds write. An attacker can issue an API call to trigger this vulnerability.

Action-Not Available
Vendor-Dell Inc.Broadcom Inc.
Product-ControlVault3ControlVault3 PlusBCM5820X
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21572
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.04% / 9.93%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 17:00
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

Action-Not Available
Vendor-Dell Inc.
Product-optiplex_7090_uffxps_15_9510_firmwareinspiron_7500_firmwareinspiron_7300_firmwarelatitude_3520g5_5500precision_17_m5750_firmwareprecision_3561_firmwarexps_17_9710_firmwareg7_7500precision_7560vostro_3881_firmwarelatitude_5511_firmwareprecision_3550inspiron_3891_firmwarevostro_3888vostro_3888_firmwarelatitude_7420_firmwareinspiron_5501vostro_5501_firmwarelatitude_9420optiplex_5090_tower_firmwareprecision_3650_mt_firmwareoptiplex_5080inspiron_5400_aioinspiron_5502latitude_5511inspiron_7501precision_5550inspiron_7300_2-in-1xps_17_9700vostro_3400inspiron_3891xps_13_9305vostro_5310g3_3500latitude_9410_firmwareinspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwareg15_5511_firmwarelatitude_7410_firmwarelatitude_7320latitude_5310_2-in-1optiplex_7090_tower_firmwarelatitude_3420inspiron_15_7510_firmwareinspiron_14_5418_firmwareg5_5500_firmwareinspiron_7506_firmwarelatitude_5410_firmwarelatitude_5310_2-in-1_firmwareinspiron_5409vostro_3890latitude_3510precision_3560_firmwarevostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5406_2n1inspiron_5501_firmwareoptiplex_5080_firmwarexps_17_9700_firmwareinspiron_15_7510latitude_3420_firmwarevostro_14_5410latitude_7320_detachable_firmwarelatitude_9410optiplex_7080_firmwarelatitude_5310xps_15_9500inspiron_5508_firmwareprecision_3450precision_7550_firmwareoptiplex_7090_uff_firmwarechengming_3991precision_5560inspiron_5400_aio_firmwareinspiron_7501_firmwareg15_5510_firmwareinspiron_3881_firmwarelatitude_5521precision_17_m5750vostro_3501latitude_7520vostro_15_5510inspiron_5406_2n1_firmwareprecision_3450_firmwarechengming_3990inspiron_5301g7_7700_firmwareoptiplex_7090_towervostro_5880_firmwarexps_17_9710inspiron_5402inspiron_7700_aiovostro_3881vostro_5401latitude_5420_firmwareprecision_3561latitude_5520latitude_3410_firmwarevostro_5300inspiron_7400_firmwarelatitude_3320vostro_5301precision_3650_mtxps_15_9510latitude_7210_2-in-1inspiron_5410_2-in-1_firmwarevostro_5880precision_7750alienware_m15_r6_firmwareinspiron_5410_2-in-1latitude_3320_firmwarelatitude_9520_firmwareprecision_5560_firmwarevostro_3690_firmwareoptiplex_7080g15_5510latitude_5520_firmwareinspiron_15_5518vostro_7500_firmwarelatitude_5410inspiron_5310precision_3551latitude_5320_2-in-1_firmwareinspiron_7610vostro_5301_firmwarelatitude_5421vostro_5890latitude_9420_firmwarexps_13_2in1_9310latitude_5510inspiron_5400_2-in-1inspiron_5401_aio_firmwareinspiron_7610_firmwarelatitude_5320_2-in-1vostro_5300_firmwarevostro_3501_firmwareinspiron_5400_2-in-1_firmwareoptiplex_7780_all-in-one_firmwareprecision_3440xps_13_2in1_9310_firmwareprecision_3440_firmwarevostro_5402precision_3640_firmwareinspiron_7500_2-in-1_firmwarelatitude_5320precision_3550_firmwarelatitude_7410vostro_3690optiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411inspiron_5300_firmwareprecision_7760vostro_7500optiplex_7490_all-in-oneinspiron_7306_2-in-1_firmwarevostro_3500_firmwarelatitude_7320_detachablelatitude_9520inspiron_5509optiplex_3090_uffoptiplex_5090_towervostro_3681latitude_7420inspiron_5300inspiron_7706_2-in-1inspiron_5508precision_5550_firmwarevostro_15_7510g7_7500_firmwarelatitude_5411_firmwarelatitude_3120_firmwarelatitude_3510_firmwareinspiron_15_5518_firmwareinspiron_5301_firmwareinspiron_5408_firmwarelatitude_7310_firmwareinspiron_7306_2-in-1xps_13_9310_firmwarelatitude_9510optiplex_3280_all-in-onelatitude_7520_firmwareprecision_5760_firmwarelatitude_5420inspiron_7300inspiron_5402_firmwarevostro_3681_firmwareprecision_7560_firmwarevostro_5890_firmwarelatitude_9510_firmwareoptiplex_5490_aio_firmwareprecision_7760_firmwarexps_13_9305_firmwarelatitude_7210_2-in-1_firmwarexps_13_9310vostro_15_7510_firmwarelatitude_5510_firmwareg7_7700vostro_5502inspiron_7506optiplex_7780_all-in-oneinspiron_5408inspiron_3501_firmwarevostro_5502_firmwareinspiron_3880g3_3500_firmwareoptiplex_3080_firmwarelatitude_3410precision_7550vostro_5402_firmwareoptiplex_7490_all-in-one_firmwareinspiron_3881vostro_14_5410_firmwarelatitude_5320_firmwareoptiplex_3080inspiron_3501latitude_5310_firmwarealienware_m15_r6vostro_3890_firmwareoptiplex_5490_aiolatitude_7310latitude_5421_firmwareinspiron_7500g15_5511optiplex_3090_uff_firmwareprecision_5760inspiron_5401_firmwarevostro_15_5510_firmwarevostro_5501optiplex_7480_all-in-onechengming_3990_firmwarelatitude_7320_firmwarelatitude_3120precision_3560inspiron_5401_aioprecision_3551_firmwareprecision_3640inspiron_7700_aio_firmwarevostro_3400_firmwarevostro_5310_firmwareinspiron_5509_firmwareoptiplex_7480_all-in-one_firmwarevostro_3500precision_7750_firmwareinspiron_5502_firmwarelatitude_3520_firmwarechengming_3991_firmwareinspiron_14_5418inspiron_5409_firmwareinspiron_7400inspiron_7500_2-in-1latitude_5521_firmwareinspiron_5401BIOSConnect
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21554
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.1||MEDIUM
EPSS-0.05% / 14.66%
||
7 Day CHG~0.00%
Published-14 Jun, 2021 | 19:10
Updated-16 Sep, 2024 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_r740_firmwarepoweredge_r940xapoweredge_mx740c_firmwareprecision_7920_firmwarepoweredge_r640_firmwareprecision_7920poweredge_r940xa_firmwarepoweredge_r640poweredge_r840poweredge_mx840cpoweredge_mx740cpoweredge_r940_firmwarepoweredge_r840_firmwarepoweredge_r740xd_firmwarepoweredge_r940poweredge_r740poweredge_mx840c_firmwarepoweredge_r740xdPowerEdge BIOS Intel 15G
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21555
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.1||MEDIUM
EPSS-0.15% / 36.31%
||
7 Day CHG~0.00%
Published-14 Jun, 2021 | 19:10
Updated-16 Sep, 2024 | 22:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_r740_firmwarepoweredge_r940xapoweredge_mx740c_firmwarepoweredge_r640_firmwarepoweredge_r940xa_firmwarepoweredge_r640poweredge_t640_firmwarepoweredge_r840poweredge_mx840cpoweredge_t640poweredge_mx740cpoweredge_r940_firmwarepoweredge_r840_firmwarepoweredge_r740xd_firmwarepoweredge_r940poweredge_r740poweredge_mx840c_firmwarepoweredge_r740xdPowerEdge BIOS Intel 15G
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21574
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.20%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 17:00
Updated-16 Sep, 2024 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

Action-Not Available
Vendor-Dell Inc.
Product-optiplex_7090_uffxps_15_9510_firmwareinspiron_7500_firmwareinspiron_7300_firmwarelatitude_3520g5_5500precision_17_m5750_firmwareprecision_3561_firmwarexps_17_9710_firmwareg7_7500precision_7560vostro_3881_firmwarelatitude_5511_firmwareprecision_3550inspiron_3891_firmwarevostro_3888vostro_3888_firmwarelatitude_7420_firmwareinspiron_5501vostro_5501_firmwarelatitude_9420optiplex_5090_tower_firmwareprecision_3650_mt_firmwareoptiplex_5080inspiron_5400_aioinspiron_5502latitude_5511inspiron_7501precision_5550inspiron_7300_2-in-1xps_17_9700vostro_3400inspiron_3891xps_13_9305vostro_5310g3_3500latitude_9410_firmwareinspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwareg15_5511_firmwarelatitude_7410_firmwarelatitude_7320latitude_5310_2-in-1optiplex_7090_tower_firmwarelatitude_3420inspiron_15_7510_firmwareinspiron_14_5418_firmwareg5_5500_firmwareinspiron_7506_firmwarelatitude_5410_firmwarelatitude_5310_2-in-1_firmwareinspiron_5409vostro_3890latitude_3510precision_3560_firmwarevostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5406_2n1inspiron_5501_firmwareoptiplex_5080_firmwarexps_17_9700_firmwareinspiron_15_7510latitude_3420_firmwarevostro_14_5410latitude_7320_detachable_firmwarelatitude_9410optiplex_7080_firmwarelatitude_5310xps_15_9500inspiron_5508_firmwareprecision_3450precision_7550_firmwareoptiplex_7090_uff_firmwarechengming_3991precision_5560inspiron_5400_aio_firmwareinspiron_7501_firmwareg15_5510_firmwareinspiron_3881_firmwarelatitude_5521precision_17_m5750vostro_3501latitude_7520vostro_15_5510inspiron_5406_2n1_firmwareprecision_3450_firmwarechengming_3990inspiron_5301g7_7700_firmwareoptiplex_7090_towervostro_5880_firmwarexps_17_9710inspiron_5402inspiron_7700_aiovostro_3881vostro_5401latitude_5420_firmwareprecision_3561latitude_5520latitude_3410_firmwarevostro_5300inspiron_7400_firmwarelatitude_3320vostro_5301precision_3650_mtxps_15_9510latitude_7210_2-in-1inspiron_5410_2-in-1_firmwarevostro_5880precision_7750alienware_m15_r6_firmwareinspiron_5410_2-in-1latitude_3320_firmwarelatitude_9520_firmwareprecision_5560_firmwarevostro_3690_firmwareoptiplex_7080g15_5510latitude_5520_firmwareinspiron_15_5518vostro_7500_firmwarelatitude_5410inspiron_5310precision_3551latitude_5320_2-in-1_firmwareinspiron_7610vostro_5301_firmwarelatitude_5421vostro_5890latitude_9420_firmwarexps_13_2in1_9310latitude_5510inspiron_5400_2-in-1inspiron_5401_aio_firmwareinspiron_7610_firmwarelatitude_5320_2-in-1vostro_5300_firmwarevostro_3501_firmwareinspiron_5400_2-in-1_firmwareoptiplex_7780_all-in-one_firmwareprecision_3440xps_13_2in1_9310_firmwareprecision_3440_firmwarevostro_5402precision_3640_firmwareinspiron_7500_2-in-1_firmwarelatitude_5320precision_3550_firmwarelatitude_7410vostro_3690optiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411inspiron_5300_firmwareprecision_7760vostro_7500optiplex_7490_all-in-oneinspiron_7306_2-in-1_firmwarevostro_3500_firmwarelatitude_7320_detachablelatitude_9520inspiron_5509optiplex_3090_uffoptiplex_5090_towervostro_3681latitude_7420inspiron_5300inspiron_7706_2-in-1inspiron_5508precision_5550_firmwarevostro_15_7510g7_7500_firmwarelatitude_5411_firmwarelatitude_3120_firmwarelatitude_3510_firmwareinspiron_15_5518_firmwareinspiron_5301_firmwareinspiron_5408_firmwarelatitude_7310_firmwareinspiron_7306_2-in-1xps_13_9310_firmwarelatitude_9510optiplex_3280_all-in-onelatitude_7520_firmwareprecision_5760_firmwarelatitude_5420inspiron_7300inspiron_5402_firmwarevostro_3681_firmwareprecision_7560_firmwarevostro_5890_firmwarelatitude_9510_firmwareoptiplex_5490_aio_firmwareprecision_7760_firmwarexps_13_9305_firmwarelatitude_7210_2-in-1_firmwarexps_13_9310vostro_15_7510_firmwarelatitude_5510_firmwareg7_7700vostro_5502inspiron_7506optiplex_7780_all-in-oneinspiron_5408inspiron_3501_firmwarevostro_5502_firmwareinspiron_3880g3_3500_firmwareoptiplex_3080_firmwarelatitude_3410precision_7550vostro_5402_firmwareoptiplex_7490_all-in-one_firmwareinspiron_3881vostro_14_5410_firmwarelatitude_5320_firmwareoptiplex_3080inspiron_3501latitude_5310_firmwarealienware_m15_r6vostro_3890_firmwareoptiplex_5490_aiolatitude_7310latitude_5421_firmwareinspiron_7500g15_5511optiplex_3090_uff_firmwareprecision_5760inspiron_5401_firmwarevostro_15_5510_firmwarevostro_5501optiplex_7480_all-in-onechengming_3990_firmwarelatitude_7320_firmwarelatitude_3120precision_3560inspiron_5401_aioprecision_3551_firmwareprecision_3640inspiron_7700_aio_firmwarevostro_3400_firmwarevostro_5310_firmwareinspiron_5509_firmwareoptiplex_7480_all-in-one_firmwarevostro_3500precision_7750_firmwareinspiron_5502_firmwarelatitude_3520_firmwarechengming_3991_firmwareinspiron_14_5418inspiron_5409_firmwareinspiron_7400inspiron_7500_2-in-1latitude_5521_firmwareinspiron_5401BIOSConnect
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34403
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.36%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 05:19
Updated-26 Mar, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_15_3511inspiron_5310vostro_5510_firmwarexps_15_9510_firmwarelatitude_3520vostro_3525_firmwareprecision_3561_firmwarexps_17_9710_firmwareinspiron_3275inspiron_7610precision_3650_towerlatitude_rugged_7330precision_7560latitude_5421vostro_5890latitude_9420_firmwareinspiron_3891_firmwareinspiron_3785_firmwareinspiron_3525_firmwarelatitude_7420_firmwareinspiron_7610_firmwareinspiron_15_3511_firmwareoptiplex_5090_firmwareinspiron_3515_firmwarelatitude_9420g15_5525_firmwareinspiron_3475inspiron_5505inspiron_3505g15_5525optiplex_7090_ultrainspiron_3595inspiron_5485_2-in-1latitude_5320inspiron_3891vostro_5310inspiron_5510_firmwarealienware_m17_r5_amdinspiron_7405_2-in-1inspiron_3275_firmwarevostro_3690precision_7760inspiron_5425g15_5511_firmwarelatitude_7320alienware_m15_r7inspiron_5485vostro_5515_firmwarevostro_5625latitude_7320_detachablelatitude_9520vostro_3425vostro_3515_firmwareoptiplex_7090_tower_firmwareinspiron_5515inspiron_5415_firmwarelatitude_3420inspiron_14_5410_2-in-1_firmwareinspiron_3505_firmwareinspiron_5585optiplex_7090_aiolatitude_7420latitude_rugged_7330_firmwareinspiron_3785vostro_3890optiplex_7090_aio_firmwareprecision_3560_firmwareinspiron_7415inspiron_3525vostro_3515inspiron_5310_firmwareinspiron_5505_firmwarelatitude_7520_firmwareinspiron_14_5410_2-in-1inspiron_7425latitude_3420_firmwarelatitude_5420precision_5760_firmwareinspiron_5485_firmwareg5_se_5505_firmwareprecision_7560_firmwarevostro_5890_firmwareprecision_7760_firmwareinspiron_7425_firmwarevostro_3525vostro_5510inspiron_5515_firmwarelatitude_rugged_5430_firmwareinspiron_5410latitude_7320_detachable_firmwareinspiron_3585vostro_3510_firmwareg5_se_5505inspiron_5410_firmwarevostro_5410_firmwarevostro_5415inspiron_7415_firmwareoptiplex_7090_ultra_firmwareinspiron_5415precision_3450inspiron_5510precision_5560alienware_m17_r5_amd_firmwarelatitude_5320_firmwareg15_5510_firmwarevostro_7510_firmwarelatitude_5521vostro_5515g15_5515vostro_7510inspiron_7510_firmwarelatitude_rugged_5430latitude_7520alienware_m15_r6vostro_3890_firmwareprecision_3450_firmwarelatitude_5421_firmwareg15_5511vostro_3405optiplex_7090_towerprecision_5760g15_5515_firmwareinspiron_3195_2-in-1_firmwarealienware_m15_ryzen_edition_r5latitude_7320_firmwareoptiplex_5490_all-in-onexps_17_9710precision_3560vostro_5410inspiron_5405_firmwareinspiron_5425_firmwareinspiron_7405_2-in-1_firmwarevostro_5310_firmwareinspiron_3515latitude_5420_firmwareprecision_3561latitude_5520inspiron_7510latitude_3320vostro_3405_firmwarevostro_5625_firmwareinspiron_3195_2-in-1xps_15_9510alienware_m15_ryzen_edition_r5_firmwarelatitude_3520_firmwarevostro_3425_firmwareinspiron_5485_2-in-1_firmwarealienware_m15_r7_firmwarealienware_m15_r6_firmwareinspiron_3595_firmwarelatitude_3320_firmwareprecision_3650_tower_firmwarelatitude_5521_firmwarelatitude_9520_firmwareinspiron_3585_firmwareoptiplex_5490_all-in-one_firmwareprecision_5560_firmwareinspiron_5585_firmwarevostro_3510vostro_3690_firmwarevostro_5415_firmwareg15_5510inspiron_5405inspiron_3475_firmwarelatitude_5520_firmwareoptiplex_5090CPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34401
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 5.96%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 05:51
Updated-03 Apr, 2025 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-g15_5525_firmwarealienware_m17_r5_firmwarealienware_m15_a6_firmwareg15_5525alienware_m15_a6alienware_m17_r5CPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34454
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.78%
||
7 Day CHG~0.00%
Published-10 Feb, 2023 | 09:48
Updated-24 Mar, 2025 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34424
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.32%
||
7 Day CHG~0.00%
Published-28 Sep, 2022 | 20:30
Updated-20 May, 2025 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10Dell Networking OS10
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34400
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.1||HIGH
EPSS-0.05% / 13.60%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 04:24
Updated-27 Mar, 2025 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_15_3511inspiron_5310vostro_5510_firmwarexps_15_9510_firmwarelatitude_3520vostro_3525_firmwareprecision_3561_firmwarexps_17_9710_firmwareinspiron_3275inspiron_7610precision_3650_towerlatitude_rugged_7330precision_7560latitude_5421vostro_5890latitude_9420_firmwareinspiron_3891_firmwareinspiron_3785_firmwareinspiron_3525_firmwarelatitude_7420_firmwareinspiron_7610_firmwareinspiron_15_3511_firmwareoptiplex_5090_firmwareinspiron_3515_firmwarelatitude_9420g15_5525_firmwareinspiron_3475inspiron_5505inspiron_3505g15_5525optiplex_7090_ultrainspiron_3595inspiron_5485_2-in-1latitude_5320inspiron_3891vostro_5310inspiron_5510_firmwarealienware_m17_r5_amdinspiron_7405_2-in-1inspiron_3275_firmwarevostro_3690precision_7760inspiron_5425g15_5511_firmwarelatitude_7320alienware_m15_r7inspiron_5485vostro_5515_firmwarevostro_5625latitude_7320_detachablelatitude_9520vostro_3425vostro_3515_firmwareoptiplex_7090_tower_firmwareinspiron_5515inspiron_5415_firmwarelatitude_3420inspiron_14_5410_2-in-1_firmwareinspiron_3505_firmwareinspiron_5585optiplex_7090_aiolatitude_7420latitude_rugged_7330_firmwareinspiron_3785vostro_3890optiplex_7090_aio_firmwareprecision_3560_firmwareinspiron_7415inspiron_3525vostro_3515inspiron_5310_firmwareinspiron_5505_firmwarelatitude_7520_firmwareinspiron_14_5410_2-in-1inspiron_7425latitude_3420_firmwarelatitude_5420precision_5760_firmwareinspiron_5485_firmwareg5_se_5505_firmwareprecision_7560_firmwarevostro_5890_firmwareprecision_7760_firmwareinspiron_7425_firmwarevostro_3525vostro_5510inspiron_5515_firmwarelatitude_rugged_5430_firmwareinspiron_5410latitude_7320_detachable_firmwareinspiron_3585vostro_3510_firmwareg5_se_5505inspiron_5410_firmwarevostro_5410_firmwarevostro_5415inspiron_7415_firmwareoptiplex_7090_ultra_firmwareinspiron_5415precision_3450inspiron_5510precision_5560alienware_m17_r5_amd_firmwarelatitude_5320_firmwareg15_5510_firmwarevostro_7510_firmwarelatitude_5521vostro_5515g15_5515vostro_7510inspiron_7510_firmwarelatitude_rugged_5430latitude_7520alienware_m15_r6vostro_3890_firmwareprecision_3450_firmwarelatitude_5421_firmwareg15_5511vostro_3405optiplex_7090_towerprecision_5760g15_5515_firmwareinspiron_3195_2-in-1_firmwarealienware_m15_ryzen_edition_r5latitude_7320_firmwareoptiplex_5490_all-in-onexps_17_9710precision_3560vostro_5410inspiron_5405_firmwareinspiron_5425_firmwareinspiron_7405_2-in-1_firmwarevostro_5310_firmwareinspiron_3515latitude_5420_firmwareprecision_3561latitude_5520inspiron_7510latitude_3320vostro_3405_firmwarevostro_5625_firmwareinspiron_3195_2-in-1xps_15_9510alienware_m15_ryzen_edition_r5_firmwarelatitude_3520_firmwarevostro_3425_firmwareinspiron_5485_2-in-1_firmwarealienware_m15_r7_firmwarealienware_m15_r6_firmwareinspiron_3595_firmwarelatitude_3320_firmwareprecision_3650_tower_firmwarelatitude_5521_firmwarelatitude_9520_firmwareinspiron_3585_firmwareoptiplex_5490_all-in-one_firmwareprecision_5560_firmwareinspiron_5585_firmwarevostro_3510vostro_3690_firmwarevostro_5415_firmwareg15_5510inspiron_5405inspiron_3475_firmwarelatitude_5520_firmwareoptiplex_5090CPG BIOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found