Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-44289

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-23 Nov, 2023 | 06:41
Updated At-05 Jun, 2025 | 14:11
Rejected At-
Credits

Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:23 Nov, 2023 | 06:41
Updated At:05 Jun, 2025 | 14:11
Rejected At:
▼CVE Numbering Authority (CNA)

Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation.

Affected Products
Vendor
Dell Inc.Dell
Product
Dell Command Configure (DCC)
Platforms
  • Dell Command | Configure
Default Status
unaffected
Versions
Affected
  • Versions prior to 4.11.0
Problem Types
TypeCWE IDDescription
CWECWE-284CWE-284: Improper Access Control
Type: CWE
CWE ID: CWE-284
Description: CWE-284: Improper Access Control
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000218628/dsa-2023-390-security-update-for-dell-command-configure-and-dell-command-monitor-vulnerabilities
vendor-advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000218628/dsa-2023-390-security-update-for-dell-command-configure-and-dell-command-monitor-vulnerabilities
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000218628/dsa-2023-390-security-update-for-dell-command-configure-and-dell-command-monitor-vulnerabilities
vendor-advisory
x_transferred
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000218628/dsa-2023-390-security-update-for-dell-command-configure-and-dell-command-monitor-vulnerabilities
Resource:
vendor-advisory
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:23 Nov, 2023 | 07:15
Updated At:30 Nov, 2023 | 05:04

Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.3HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Dell Inc.
dell
>>command\|configure>>Versions before 4.11.0(exclusive)
cpe:2.3:a:dell:command\|configure:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE-284Secondarysecurity_alert@emc.com
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-284
Type: Secondary
Source: security_alert@emc.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.dell.com/support/kbdoc/en-us/000218628/dsa-2023-390-security-update-for-dell-command-configure-and-dell-command-monitor-vulnerabilitiessecurity_alert@emc.com
Vendor Advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000218628/dsa-2023-390-security-update-for-dell-command-configure-and-dell-command-monitor-vulnerabilities
Source: security_alert@emc.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

423Records found
CVE-2023-22576
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-21 Aug, 2024 | 09:44
Updated-23 Aug, 2024 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges using the existing vulnerability in operating system. Exploitation may lead to unavailability of the service.

Action-Not Available
Vendor-Dell Inc.
Product-repository_managerDell Repository Manager (DRM)repository_manager
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-28976
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-0.04% / 12.41%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 08:01
Updated-21 Jan, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized write access to the files stored on the server filesystem with the privileges of the running web application.

Action-Not Available
Vendor-Dell Inc.
Product-repository_managerDell Repository Manager (DRM) repository_manager
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-45099
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.04%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 05:03
Updated-26 Mar, 2025 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for a NDMP password. A malicious and privileged local attacker could potentially exploit this vulnerability, leading to a full system compromise

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-261
Weak Encoding for Password
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-25958
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.32%
||
7 Day CHG~0.00%
Published-26 Mar, 2024 | 15:18
Updated-28 Jan, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Grab for Windows, versions up to and including 5.0.4, contain Weak Application Folder Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to privilege escalation, unauthorized access to application data, unauthorized modification of application data and service disruption.

Action-Not Available
Vendor-Dell Inc.
Product-grabGrab for Windowsgrab_for_windows
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-25960
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.04% / 10.92%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 18:13
Updated-09 Jan, 2025 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFSpowerscale_onefs
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2024-22228
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.23% / 46.01%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:40
Updated-07 May, 2025 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cifssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-22224
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.43%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:48
Updated-07 May, 2025 | 20:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-22222
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.25% / 47.99%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 19:04
Updated-01 Aug, 2024 | 22:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_udoctor utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-22227
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.23% / 46.01%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:37
Updated-07 May, 2025 | 20:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability execute commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-22452
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.10% / 28.66%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 13:08
Updated-31 Jan, 2025 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-display_and_peripheral_managerDell Display and Peripheral Manager display_manager
CWE ID-CWE-264
Not Available
CVE-2024-22223
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.27%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 19:07
Updated-07 May, 2025 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its svc_cbr utility. An authenticated malicious user with local access could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-22449
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.6||MEDIUM
EPSS-0.03% / 7.21%
||
7 Day CHG~0.00%
Published-01 Feb, 2024 | 09:48
Updated-17 Jun, 2025 | 14:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefs PowerScale OneFS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-22225
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.37%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:51
Updated-07 May, 2025 | 20:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_supportassist utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-34387
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.03% / 7.11%
||
7 Day CHG~0.00%
Published-10 Feb, 2023 | 20:15
Updated-26 Mar, 2025 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_business_pcssupportassist_for_home_pcsSupportAssist
CWE ID-CWE-377
Insecure Temporary File
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2022-34373
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.09% / 25.96%
||
7 Day CHG~0.00%
Published-31 Aug, 2022 | 20:05
Updated-16 Sep, 2024 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system.

Action-Not Available
Vendor-Dell Inc.
Product-command_\|_integration_suite_for_system_centerCPG SW
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-34391
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.02% / 4.31%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-16 May, 2025 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_area-51_r4_firmwarealienware_area-51_r5_firmwarealienware_area-51_r5alienware_area-51_r4CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-34405
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.07% / 21.35%
||
7 Day CHG~0.00%
Published-25 Jan, 2023 | 16:15
Updated-28 Mar, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_x17_r1g7_7590alienware_m15_ryzen_edition_r5g5_5590g7_7700alienware_m15_r1g5_5500alienware_m17_r3alienware_area_51m_r1alienware_m15_r2g7_7500alienware_aurora_r8alienware_x15_r1realtek_high_definition_audio_driveralienware_aurora_r13g7_7790alienware_m17_r4alienware_m17_r2g5_5090alienware_area_51m_r2alienware_m17_r1alienware_aurora_r10g3_3590g15_5515alienware_m15_r4alienware_m15_r3g3_3500g5_5000alienware_m15_r6g15_5510alienware_aurora_r12alienware_aurora_r9alienware_aurora_r11g15_5511CPG Drivers
CWE ID-CWE-285
Improper Authorization
CVE-2022-33919
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.57%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell GeoDrive, versions 2.1 - 2.2, contains an information disclosure vulnerability in GUI. An authenticated non-admin user could potentially exploit this vulnerability and view sensitive information.

Action-Not Available
Vendor-Dell Inc.
Product-geodriveGeoDrive
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-33921
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.12% / 31.43%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.

Action-Not Available
Vendor-Dell Inc.
Product-geodriveGeoDrive
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-34390
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 5.63%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-12 May, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_area-51_r4_firmwarealienware_area-51_r5_firmwarealienware_area-51_r5alienware_area-51_r4CPG BIOS
CWE ID-CWE-457
Use of Uninitialized Variable
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2022-33920
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.14%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell GeoDrive, versions prior to 2.2, contains an Unquoted File Path vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.

Action-Not Available
Vendor-Dell Inc.
Product-geodriveGeoDrive
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-34462
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.4||HIGH
EPSS-0.05% / 15.78%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 06:51
Updated-20 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges.

Action-Not Available
Vendor-Dell Inc.
Product-policy_manager_for_secure_connect_gatewaySecure Connect Gateway (SCG) Policy Manager
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-34396
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.04% / 9.53%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 05:24
Updated-26 Mar, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell OpenManage Server Administrator (OMSA) version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. Exploitation may lead to a complete system compromise.

Action-Not Available
Vendor-Dell Inc.
Product-openmanage_server_administratorOpenManage Server Administrator (OMSA)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-34443
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.94%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 04:19
Updated-27 Mar, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Rugged Control Center, versions prior to 4.5, contain an Improper Input Validation in the Service EndPoint. A Local Low Privilege attacker could potentially exploit this vulnerability, leading to an Escalation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-rugged_control_centerRugged Control Center (RCC)
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33922
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.11% / 30.14%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. Dell recommends customers to upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-geodriveGeoDrive
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-34382
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.38%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 17:30
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_updatecommand_updateupdateDell Command Update (DCU)
CVE-2022-32488
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.02% / 4.31%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-32493
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.02% / 3.21%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-22450
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.4||HIGH
EPSS-0.09% / 25.57%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 07:08
Updated-31 Jan, 2025 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Alienware Command Center, versions prior to 6.2.7.0, contain an uncontrolled search path element vulnerability. A local malicious user could potentially inject malicious files in the file search path, leading to system compromise.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_command_centerAlienware Command Center (AWCC)alienware_command_center
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-22428
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.05% / 13.29%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 04:02
Updated-13 Nov, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac_service_moduleiDRAC Service Module (iSM)
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-32487
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.02% / 4.31%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-31226
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.1||HIGH
EPSS-0.11% / 29.80%
||
7 Day CHG~0.00%
Published-12 Sep, 2022 | 18:35
Updated-16 Sep, 2024 | 23:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.

Action-Not Available
Vendor-Dell Inc.
Product-precision_3660_towerinspiron_16_plus_7620_firmwareinspiron_7420xps_17_9720_firmwareinspiron_5620optiplex_7400vostro_3910optiplex_7000vostro_7620_firmwareinspiron_7420_firmwareoptiplex_5000_firmwareprecision_3660_tower_firmwareoptiplex_7000_oemoptiplex_5000inspiron_7620_firmwarechengming_3900optiplex_3000inspiron_5420chengming_3900_firmwarexps_17_9720vostro_3910_firmwareprecision_5770inspiron_16_plus_7620inspiron_14_plus_7420vostro_3710_firmwarevostro_5320vostro_5620_firmwarevostro_7620optiplex_3000_thin_clientinspiron_5620_firmwareoptiplex_5400inspiron_5320_firmwarevostro_5620precision_5770_firmwareinspiron_14_plus_7420_firmwareoptiplex_5400_firmwareoptiplex_3000_thin_client_firmwareoptiplex_3000_firmwareoptiplex_7000_firmwareinspiron_5320inspiron_3910vostro_3710vostro_5320_firmwareoptiplex_7400_firmwareinspiron_3910_firmwareinspiron_5420_firmwareprecision_3460_small_form_factor_firmwareoptiplex_7000_oem_firmwareprecision_3460_small_form_factorinspiron_7620CPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0168
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.23% / 46.01%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:20
Updated-19 Aug, 2024 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to inject arbitrary operating system commands. This vulnerability allows an authenticated attacker to execute commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnityunity_operating_environment
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-0167
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.28% / 50.86%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:23
Updated-06 May, 2025 | 21:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files on the file system with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-0165
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.84%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:30
Updated-06 May, 2025 | 21:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_dump utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-0155
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 13:00
Updated-08 Jan, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code.

Action-Not Available
Vendor-Dell Inc.
Product-digital_deliveryDell Digital Delivery (D3)digital_delivery
CWE ID-CWE-416
Use After Free
CVE-2024-0164
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.24% / 46.74%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:34
Updated-01 Aug, 2024 | 17:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary commands with elevated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnityunity_operating_environment
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-0172
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.9||HIGH
EPSS-0.05% / 13.29%
||
7 Day CHG~0.00%
Published-03 Apr, 2024 | 09:09
Updated-04 Feb, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_c6520_firmwarepoweredge_r660xs_firmwarepoweredge_t340_firmwarepoweredge_r6615_firmwareemc_xc_core_xc7525poweredge_r940xapoweredge_xr11emc_xc_core_xc750_firmwarepoweredge_r740xd2_firmwarepoweredge_xe2420poweredge_mx840cpoweredge_xe8640_firmwarepoweredge_mx740c_firmwarepoweredge_r860poweredge_r740xd_firmwarepoweredge_xe2420_firmwarepoweredge_r340emc_xc_core_xc940_system_firmwareemc_xc_core_xc750xa_firmwarepoweredge_r6515_firmwareemc_xc_core_xc750poweredge_xe7440nx440poweredge_xr12_firmwarepoweredge_t560poweredge_xe8545poweredge_r840emc_xc_core_xcxr2poweredge_r760xd2poweredge_r760xsemc_storage_nx3340_firmwarepoweredge_r6415poweredge_xr8610tpoweredge_r350_firmwareemc_xc_core_6420_systempoweredge_r7425_firmwarepoweredge_r840_firmwarepoweredge_r7625_firmwarepoweredge_r740xdpoweredge_xr2_firmwareemc_xc_core_xc450emc_xc_core_xc740xd_system_firmwaredss_8440poweredge_xr7620_firmwarepoweredge_c6525_firmwareemc_xc_core_xc640_systempoweredge_r640poweredge_r6525emc_xc_core_xc6520_firmwarepoweredge_t340poweredge_mx750c_firmwarepoweredge_r750xa_firmwarepoweredge_xr7620poweredge_xe9640_firmwarepoweredge_mx840c_firmwarepoweredge_r650nx440_firmwarepoweredge_r660_firmwareemc_xc_core_xcxr2_firmwarepoweredge_t350_firmwarepoweredge_hs5610_firmwarepoweredge_xr4520c_firmwarepoweredge_t640poweredge_r7625poweredge_r750_firmwarepoweredge_c4140_firmwarepoweredge_mx760cpoweredge_r240_firmwarepoweredge_mx760c_firmwarepoweredge_xr5610poweredge_r6625poweredge_r450dss_8440_firmwarepoweredge_t550_firmwarepoweredge_r7415_firmwarepoweredge_m640_firmwarepoweredge_xr4520cpoweredge_r7515_firmwarepoweredge_mx740cpoweredge_c4140poweredge_xr11_firmwarepoweredge_t140_firmwarepoweredge_r6415_firmwarepoweredge_t560_firmwarepoweredge_r760xd2_firmwarepoweredge_xr2poweredge_r6525_firmwarepoweredge_r960poweredge_r340_firmwarepoweredge_hs5610emc_xc_core_xc740xd_systempoweredge_t640_firmwareemc_xc_core_xc640_system_firmwarepoweredge_mx750cpoweredge_c6520poweredge_r440poweredge_r440_firmwarepoweredge_r350emc_xc_core_xc740xd2poweredge_r740poweredge_xe9680emc_storage_nx3340poweredge_xr8610t_firmwarepoweredge_t550poweredge_c6525poweredge_xe8545_firmwarepoweredge_r240poweredge_xr5610_firmwarepoweredge_r7415poweredge_r740_firmwarepoweredge_r760xapoweredge_r860_firmwarepoweredge_r6625_firmwarepoweredge_t150_firmwarepoweredge_r250poweredge_c6420_firmwarepoweredge_m640poweredge_c6420emc_xc_core_xc750xapoweredge_r760poweredge_xr12poweredge_r7615_firmwarepoweredge_xr8620temc_xc_core_xc450_firmwarepoweredge_xr8620t_firmwarepoweredge_r760xs_firmwarepoweredge_r6515emc_xc_core_xc650_firmwareemc_storage_nx3240poweredge_t150poweredge_r650_firmwarepoweredge_xe9680_firmwarepoweredge_t440emc_xc_core_6420_system_firmwareemc_xc_core_xc650poweredge_r7515emc_xc_core_xc7525_firmwarepoweredge_r660xspoweredge_xe7420_firmwarepoweredge_r550_firmwarepoweredge_c6620_firmwarepoweredge_m640_\(pe_vrtx\)_firmwarepoweredge_xe8640poweredge_xe7440_firmwarepoweredge_r960_firmwarepoweredge_xe9640poweredge_r650xspoweredge_r940xa_firmwarepoweredge_r750xapoweredge_t350poweredge_fc640_firmwarepoweredge_r7425poweredge_r760_firmwarepoweredge_r250_firmwarepoweredge_c6620poweredge_r7525_firmwarepoweredge_fc640poweredge_xr4510c_firmwarepoweredge_r740xd2emc_xc_core_xc6520poweredge_r640_firmwarepoweredge_r660poweredge_r450_firmwarepoweredge_r7615poweredge_r940poweredge_t440_firmwarepoweredge_r750xspoweredge_xr4510cpoweredge_r7525poweredge_r760xa_firmwarepoweredge_xe7420poweredge_r750xs_firmwareemc_xc_core_xc940_systempoweredge_r750poweredge_m640_\(pe_vrtx\)poweredge_r650xs_firmwarepoweredge_t140poweredge_hs5620_firmwarepoweredge_r540poweredge_r540_firmwarepoweredge_r940_firmwareemc_storage_nx3240_firmwareemc_xc_core_xc740xd2_firmwarepoweredge_r6615poweredge_r550poweredge_hs5620PowerEdge Platformpoweredge_t140_firmwarepoweredge_r7615_firmwarepoweredge_t560_firmwarepoweredge_r6515_firmwarepoweredge_hs5610_firmwarepoweredge_xr4510c_firmwarepoweredge_r7515_firmwarepoweredge_xr8620t_firmwareemc_xc_core_xc450_firmwarepoweredge_r760xa_firmwarepoweredge_mx750c_firmwarepoweredge_r650_firmwareemc_xc_core_xc650_firmwarepoweredge_xe7440_firmwarepoweredge_c6520_firmwareemc_storage_nx3340_firmwarepoweredge_r550_firmwareemc_xc_core_xc750_firmwarepoweredge_r840_firmwarepoweredge_t150_firmwarepoweredge_r760xd2_firmwarepoweredge_c4140_firmwarepoweredge_r250_firmwarepoweredge_r760_firmwarepoweredge_mx840c_firmwarepoweredge_r350_firmwarepoweredge_r750_firmwarepoweredge_r660_firmwarepoweredge_c6525_firmwarepoweredge_r6625_firmwarepoweredge_r6415_firmwarepoweredge_fc640_firmwarepoweredge_xe7420_firmwarepoweredge_t640_firmwarepoweredge_c6420_firmwarepoweredge_r7415_firmwarepoweredge_t550_firmwarepoweredge_xr7620_firmwarepoweredge_r240_firmwarepoweredge_xe2420_firmwarepoweredge_r940_firmwarepoweredge_xr11_firmwarepoweredge_r650xs_firmwarepoweredge_r740xd_firmwarepoweredge_xr12_firmwarepoweredge_r7625_firmwarepoweredge_xe9640_firmwarepoweredge_r440_firmwarepoweredge_mx740c_firmwarepoweredge_xe9680_firmwarepoweredge_xr5610_firmwarepoweredge_r640_firmwarepoweredge_xr4520c_firmwarepoweredge_r940xa_firmwarepoweredge_r7525_firmwarepoweredge_c6620_firmwarepoweredge_mx760c_firmwarepoweredge_xe8545_firmwarepoweredge_r6615_firmwareemc_storage_nx3240_firmwarepoweredge_m640_firmwarepoweredge_r540_firmwarepoweredge_r740_firmwarepoweredge_r660xs_firmwarepoweredge_t340_firmwarepoweredge_r760xs_firmwarepoweredge_r740xd2_firmwarepoweredge_r340_firmwarepoweredge_xr2_firmwarepoweredge_r6525_firmwarepoweredge_r450_firmwarepoweredge_xe8640_firmwarepoweredge_r750xa_firmwarepoweredge_r960_firmwarepoweredge_r7425_firmwarepoweredge_r750xs_firmwarepoweredge_t440_firmwarepoweredge_t350_firmwarepoweredge_r860_firmwarepoweredge_hs5620_firmware
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-0166
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.24% / 46.74%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:27
Updated-06 May, 2025 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdump utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands with elevated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-0170
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.23% / 46.01%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 18:08
Updated-06 May, 2025 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-0156
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.08% / 24.54%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 12:54
Updated-08 Jan, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-digital_deliveryDell Digital Delivery (D3)dell_digital_delivery
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-38743
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.04%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 18:46
Updated-22 Aug, 2025 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-iDRAC Service Module (iSM)
CWE ID-CWE-805
Buffer Access with Incorrect Length Value
CVE-2021-36289
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.59%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 22:15
Updated-17 Sep, 2024 | 01:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it.

Action-Not Available
Vendor-Dell Inc.
Product-vnx5600vnx5400vnx5800vnx_vg10emc_unity_operating_environmentvnx5200vnx_vg50vnx7600vnx8000VNX Control Station
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2021-36339
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-21 Jan, 2022 | 20:15
Updated-17 Sep, 2024 | 01:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Dell EMC Virtual Appliances before 9.2.2.2 contain undocumented user accounts. A local malicious user may potentially exploit this vulnerability to get privileged access to the virtual appliance.

Action-Not Available
Vendor-Dell Inc.
Product-unisphere_for_powermax_virtual_applianceunisphere_for_powermaxvasasolutions_enabler_virtual_appliancepowermax_ossolutions_enablerunisphere_360Solutions Enabler vApp
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2021-36279
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG~0.00%
Published-16 Aug, 2021 | 22:00
Updated-16 Sep, 2024 | 23:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-36340
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.10%
||
7 Day CHG~0.00%
Published-20 Nov, 2021 | 01:40
Updated-23 May, 2025 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it.

Action-Not Available
Vendor-Dell Inc.
Product-secure_connect_gatewaySecure Connect Gateway (SCG) 5.0 Application
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2021-36311
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.04% / 9.64%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 20:00
Updated-16 Sep, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it.

Action-Not Available
Vendor-Dell Inc.
Product-emc_networkerNetWorker
CWE ID-CWE-285
Improper Authorization
CVE-2021-36297
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.28%
||
7 Day CHG~0.00%
Published-28 Sep, 2021 | 19:20
Updated-16 Sep, 2024 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll's,

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_home_pcsSupportAssist Client Consumer
CWE ID-CWE-426
Untrusted Search Path
CVE-2023-48670
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.04% / 10.84%
||
7 Day CHG~0.00%
Published-22 Dec, 2023 | 15:57
Updated-02 Aug, 2024 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_home_pcsSupportAssist Client Consumer
CWE ID-CWE-426
Untrusted Search Path
CVE-2022-29092
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.95%
||
7 Day CHG~0.00%
Published-10 Jun, 2022 | 20:05
Updated-17 Sep, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. A non-admin user can exploit the vulnerability and gain admin access to the system.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_business_pcssupportassist_for_home_pcsSupportAssist Consumer
CWE ID-CWE-427
Uncontrolled Search Path Element
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 8
  • 9
  • Next
Details not found