Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-35070

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-20 May, 2026 | 09:23
Updated At-21 May, 2026 | 03:55
Rejected At-
Credits

Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:20 May, 2026 | 09:23
Updated At:21 May, 2026 | 03:55
Rejected At:
â–¼CVE Numbering Authority (CNA)

Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.

Affected Products
Vendor
Dell Inc.Dell
Product
SmartFabric Storage Software
Default Status
unaffected
Versions
Affected
  • From 0 before 1.4.5 or later (semver)
Problem Types
TypeCWE IDDescription
CWECWE-77CWE-77: Improper Neutralization of Special Elements used in a Command (Command Injection)
Type: CWE
CWE ID: CWE-77
Description: CWE-77: Improper Neutralization of Special Elements used in a Command (Command Injection)
Metrics
VersionBase scoreBase severityVector
3.16.4MEDIUM
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
Dell would like to thank zzcentury from Ubisectech Sirius Team for reporting this issue.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/en-us/000466942/dsa-2026-235-security-update-for-dell-networking-smartfabric-storage-software-vulnerabilities
vendor-advisory
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000466942/dsa-2026-235-security-update-for-dell-networking-smartfabric-storage-software-vulnerabilities
Resource:
vendor-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:20 May, 2026 | 10:16
Updated At:20 May, 2026 | 13:56

Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.4MEDIUM
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-77Primarysecurity_alert@emc.com
CWE ID: CWE-77
Type: Primary
Source: security_alert@emc.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.dell.com/support/kbdoc/en-us/000466942/dsa-2026-235-security-update-for-dell-networking-smartfabric-storage-software-vulnerabilitiessecurity_alert@emc.com
N/A
Hyperlink: https://www.dell.com/support/kbdoc/en-us/000466942/dsa-2026-235-security-update-for-dell-networking-smartfabric-storage-software-vulnerabilities
Source: security_alert@emc.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

54Records found
CVE-2021-21591
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-12 Jul, 2021 | 15:40
Updated-17 Sep, 2024 | 03:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_operating_environmentemc_unityvsa_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-29489
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.02% / 5.74%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-16 Sep, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text password storage vulnerability. A user credentials (including the Unisphere admin privilege user) password is stored in a plain text in a system file. A local authenticated attacker with access to the system files may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_vsa_operating_environmentemc_unity_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-29501
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.04% / 12.23%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstoreemc_powerstore_firmwarePowerStore
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-29499
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.16% / 36.65%
||
7 Day CHG~0.00%
Published-19 Jul, 2021 | 21:30
Updated-17 Sep, 2024 | 01:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstorePowerStore
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-26199
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.05% / 14.79%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-16 Sep, 2024 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a plain-text password storage vulnerability. A user credentials (including the Unisphere admin privilege user) password is stored in a plain text in multiple log files. A local authenticated attacker with access to the log files may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_vsa_operating_environmentemc_unity_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2021-36290
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-08 Apr, 2022 | 19:50
Updated-16 Sep, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges.

Action-Not Available
Vendor-Dell Inc.
Product-vnxe1600vnx5600vnx5400vnx5800vnx_vg10emc_unity_operating_environmentvnx5200vnx_vg50vnx7600vnx8000VNX2
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-32476
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.05% / 15.18%
||
7 Day CHG~0.00%
Published-20 Jul, 2023 | 13:00
Updated-24 Oct, 2024 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files.

Action-Not Available
Vendor-Dell Inc.
Product-hybrid_clientDell Hybrid Client (DHC)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-34387
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.12% / 30.25%
||
7 Day CHG~0.00%
Published-10 Feb, 2023 | 20:15
Updated-26 Mar, 2025 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_business_pcssupportassist_for_home_pcsSupportAssist
CWE ID-CWE-377
Insecure Temporary File
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2022-33923
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.25% / 48.60%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 20:55
Updated-16 Sep, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstore_3200temc_powerstore_500temc_powerstore_9200temc_powerstore_5200t_firmwareemc_powerstore_1200t_firmwareemc_powerstore_9200t_firmwareemc_powerstore_500t_firmwareemc_powerstore_3200t_firmwareemc_powerstore_1200temc_powerstore_5200tPowerStore
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-29085
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.10% / 27.79%
||
7 Day CHG~0.00%
Published-02 Jun, 2022 | 21:00
Updated-17 Sep, 2024 | 03:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentunityvsa_operating_environmentunity_xt_operating_environmentUnity
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-26868
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.05% / 16.89%
||
7 Day CHG~0.00%
Published-02 Jun, 2022 | 21:00
Updated-17 Sep, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system takeover by an attacker.

Action-Not Available
Vendor-Dell Inc.
Product-powerstore_xpowerstore_tpowerstoreosPowerStore
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-21590
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-12 Jul, 2021 | 15:40
Updated-16 Sep, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_operating_environmentemc_unityvsa_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2021-21547
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.02% / 6.04%
||
7 Day CHG~0.00%
Published-30 Apr, 2021 | 21:10
Updated-16 Sep, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentunityvsa_operating_environmentunity_xt_operating_environmentUnity
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2025-46696
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.03% / 7.85%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 15:01
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30, contain(s) an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-secure_connect_gatewaySecure Connect Gateway (SCG) ApplianceSecure Connect Gateway (SCG) Application
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2025-43908
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 1.75%
||
7 Day CHG~0.00%
Published-07 Oct, 2025 | 18:22
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature ReleasePowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2025
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-8105
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 1.97%
||
7 Day CHG~0.00%
Published-26 Aug, 2024 | 19:15
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure Platform Key (PK) used in UEFI system firmware signature

A vulnerability related to the use an insecure Platform Key (PK) has been discovered. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised.

Action-Not Available
Vendor-GigabyteSupermicroFormelifeAopenLenovo Group LimitedAcer Inc.HP Inc.Intel CorporationDell Inc.Fujitsu Limited
Product-G493-ZB4 (rev. AAP1)GA-B150M-Gaming (rev. 1.0)GA-Z68XP-UD4 (rev. 1.0)GB-BXi5-4200 (rev. 1.0)MSH61DI (rev. 1.2)G593-ZD1 (rev. AAX1)MZ72-HB2 (rev. 3.0)G262-ZR0X299 DESIGNARE EX (rev. 1.0)R123-X00 (rev. AA01)hp-prodesk-400-g1-microtower-pcGA-H110M-AE283-Z91 (rev. AAV1)GA-Z170X-Ultra Gaming (rev. 1.0)G1.Sniper Z170 (rev. 1.0)R282-Z96 (rev. 100)Q1742FT181-G20 (rev. 1.0)G190-H44MZ73-LM0 (rev. 2.0)G481-H80 (rev. 100)GB-BXi5G3-760 (rev. 1.0)GB-GZ1DTi7-1070-NK (rev. 1.0)G241-G40 (rev. 100)MA10-ST0 (rev. 1.1)R281-3C1GB-BKi5HT2-7200 (rev. 1.0)GA-J1800N-HGA-H61M-S2PV (rev. 2.3)MZ73-LM1 (rev. 1.x)GA-H170-Gaming 3 DDR3 (rev. 1.0)GB-BNi7QG4-950 (rev. 1.0)alienware-x14-r1-laptopGB-BSCE-3955GA-Z170X-Gaming G1 (rev. 1.0)MZ72-HB2 (rev. 3.x)inspiron-15-3502-laptopxps-8960-desktopinspiron-20-3059-aioalienware-m17-r4-laptopGB-BNE3HG4-950 (rev. 1.0)MZBAYAG (rev. 1.0)W281-G40X299 AORUS Gaming 3 ProGB-BKi7HT-7500GB-EKi3A-7100GA-P67A-UD3-B3 (rev. 1.x)R283-Z93thinkcentre-m62zGB-BSi3A-6100 (rev. 1.0)R271-Z00 (rev. B00)R283-ZF0 (rev. AAL1)inspiron-15-3510-laptopG1.Sniper 3 (rev. 1.0)H262-PC0 (rev. 100)G1.Sniper M7 (rev. 1.0)MU92-TU0 (rev. 1.x)GA-H170-HD3 DDR3GB-TCV2A (rev. 1.0)GA-B75TNG150-B10 (rev. 111)alienware-m17-r3-laptopGA-Z68X-UD3P-B3MD72-HB3 (rev. 1.x)GA-Z170N-WIFIMZ72-HB0 (rev. 3.x/4.x)H261-T60 (rev. 100)R283-Z93 (rev. AAF1)G292-Z46PRIMERGY CX270 S2X299 AORUS MASTERvostro-24-5460-aioGA-C1007UN (rev. 1.0)alienware-m15-r2-laptopE283-S90 (rev. AAD1)GB-BNi5HG6-1060GA-B150M-DS3PMultipleG292-Z20 (rev. 100)GB-BRi5-10210(E)GA-H110M-S2H DDR3GA-H110M-DS2V (rev. 1.0)GB-BACE-3000-FT-BW (rev. 1.0)GA-Z68XP-D3 (rev. 1.0)GB-BRi5-8250GA-Z68MA-D2H-B3 (rev. 1.0)R181-Z90poweredge-c5230G482-Z53MW32-SP0 (rev. 1.0)R263-Z35 (rev. AAL1)alienware-area51m-r2-laptopthinkcentre-edge-92zGA-Z68MX-UD2H-B3P15F R5X299-WU8inspiron-24-3455-aioM9M3XAI (rev. 1.0)aspire c22-1600G291-Z20 (rev. A00)c24-1655GA-X99-UD7 WIFIGA-Z170-HD3PG593-ZD2 (rev. AAX1)MW22-SE0 (rev. 1.0)GA-H110M-S2PTGA-X99-SOC ChampionGA-H110M-S2 (rev. 1.x)GB-BSI3H-6100-ZA-IWUS (rev. 1.0)GB-BRi3-10110 (rev. 1.0)hp-rp5-retail-system-model-5810MB10-DS0 (rev. 1.3)GB-BXi5G-760 (rev. 1.0)X299 UD4 Pro (rev. 1.0)R133-C10 (rev. AAG1)MD61-SC2 (rev. 1.x)GB-BXi5-4570RG293-S46 (rev. AAM1)GB-BKi5A-7200 (rev. 1.0)GA-X99-SLIMD70-HB1 (rev. 1.2)S12-P04R (rev. 1.0)MC13-LE0 (rev. 1.x/3.x)G482-Z50 (rev. 100)GA-H170M-D3H DDR3GA-H87TN (rev. 1.0)MZBAYAD (rev. 1.0)GA-B85TNX299 AORUS GamingR283-S94H231-G20 (rev. 100/A00)MX34-BS0 (rev. 1.x)GB-BEi5-1240 (rev. 1.0)MW70-3S0 (rev. 1.0)GB-EKi3M-7100iTXL-Q170AMF51-ES0 (rev. 1.0)GA-Z68XP-UD3P (rev. 1.0)inspiron-3472-desktopG492-Z52aspire xc-1710R162-ZA0 (rev. 100)GA-P75-D3 (rev. 1.0)R283-Z97H262-NO1hp-elitedesk-705-g1-desktop-mini-pcGA-H170TNR121-X30 (rev. 100)G593-ZX1 (rev. AAX1)MP30-AR1 (rev. 1.1)aio-300-22isuGA-J1900N-D2Hinspiron-22-3263-desktop-aioGA-H170M-DS3HGA-H61M-SGA-E350N WIN8 (rev. 1.0)GB-BXi5-5200G492-Z50 (rev. A00)MD30-RS0 (rev. 1.0)H262-Z61GA-6LXGH (rev. 1.0)hp-z1-all-in-one-g2-workstationR282-G30GB-BER5-5600GA-Z170X-Gaming GTGB-XM12-3227 (rev. 1.0)GA-Z77X-UD4Haspire s32-1856GA-Z68X-UD3-B3GA-H110-D3A (rev. 1.0)G292-Z43GB-EACE-3450X299 AORUS Gaming 3GA-H81TNH262-Z6BH270-H70 (rev. 100)G1.Sniper B7GA-Z170X-Gaming 3 (rev. 1.0)GA-Z170X-UD3 (rev. 1.0)GA-6LXSG (rev. 1.0)GA-H110M-S2VR260-R3CGA-J1900M-D2P (rev. 1.1)GB-BSi3-6100 (rev. 1.0)GB-GZ1DTi5K (rev. 1.0)GB-BRi3-8130MZBAYAC (rev. 1.0)R143-EG0-AAC1MDH11HI (rev. 1.0)GA-X99-Gaming 5PGA-Z77M-D3H-MVP (rev. 1.0)GA-Z170-Gaming K3 (rev. 1.0)GB-BER3-5300G242-Z10MZ73-LM1 (rev. 1.0)R162-ZA0 (rev. A00)GB-BXi7-4500 (rev. 1.0)R163-SG0 (rev. AAC1)MD80-TM1 (rev. 1.0)lenovo-c365-all-in-oneGB-BSi7-6500GB-BSi5A-6200GB-BER5-5500 (rev. 1.0)MZ32-AR0 (rev. 3.x)GB-BPCE-3455CS252-ZC0G492-ZD0 (rev. 100)R181-2A0 (rev. 100)GB-BER3-5400alienware-aurora-r16-desktopPRIMERGY RX100 S7pGB-BACE-3150-FT-BW (rev. 1.0)R183-Z90 (rev. LAD1)MD72-HB0 (rev. 1.x/2.0)GA-H110MSTX-HD3 (rev. 1.0)GA-B150M-D3H (rev. 1.0)WRX80-SU8-IPMI (rev. 1.0)G293-Z40GB-BSi7A-6500 (rev. 1.0)GB-BMCE-5105GA-Z170-HD3 (rev. 1.0)H233-Z80GA-J1800M-D2PGA-Z77M-D3HGB-BSi7-1165G7GA-H110M-HD3 DDR3GB-BXBT-1900GA-6LXGL (rev. 1.0)hp-z1-all-in-one-workstationGB-BNi7G4-1050TiGA-H170-HD3GA-H77TNU21MGA-6LXSL (rev. 1.0)GA-Z68X-UD3H-B3G152-Z12 (rev. 200)R143-E30 (rev. AAB1)R162-Z10GA-H110M-D3H R2 (rev. 1.0)aspire s 27GA-X99M-Gaming 5 (rev. 1.0)GA-Z170M-D3H (rev. 1.0)GA-X99-Phoenix SLIR280-G2OGA-H170M-D3HR160-S34R161-R12G292-Z20 (rev. A00)R263-Z35 (rev. AAF1)ME03-PE0 (rev. 1.0)H223-V10GB-EAPD-4200GA-Z77-DS3H (rev. 1.0)R182-Z90 (rev. A00/B00/AT0)GA-Z77-HD4alienware-17-laptopalienware-13-laptopG242-Z12GA-Z170X-UD5H252-Z12 (rev. A02)H262-PC1 (rev. 100)Q2542NE152-ZE1 (rev. A00)GA-Q77M-D2H (rev. 1.0)MZ71-CE0 (rev. 3.x/4.x)GA-Z170-D3HGA-Z77X-D3HGA-X99-Gaming 5 (rev. 1.0)alienware-17-r3H242-Z10 (rev. A00)GB-BRR5-4500 (rev. 1.0)J4105N HGB-BRR3-4300 (rev. 1.0)GB-BSi7HT-6500E163-Z30GB-BEi3-1220 (rev. 1.0)GB-BMCE-4500CG482-Z51 (rev. 100)GB-BER7-7840C621-SD8MC13-LE0 (rev. 1.x)hp-compaq-elite-8380-convertible-minitower-pcGA-B150M-D3H DDR3GA-Z77-HD3G493-ZB0 (rev. AAP1)R180-F28 (rev. 152)alienware-17-r2GB-BSi5-6200 (rev. 1.0)GA-Z77X-UD3H (rev. 1.0)GB-BRi7-8550 (rev. 1.0)GA-H170-D3HP (rev. 1.0)E163-S30 (rev. AAB1)G291-Z20 (rev. 100)E283-Z90GA-Z170X-UD5 TH (rev. 1.0)GA-P67X-UD3R-B3 (rev. 1.0)inspiron-3662-desktopaio-510-22asrGB-BXBT-2807GA-N3160N-D2HGA-H110M-DS2V DDR3 (rev. 1.0)alienware-aurora-r11-desktopMZ33-AR0 (rev. 1.x)MDH11KI (rev. 1.0)X299 UD4 (rev. 1.0)GA-H110M-S2PH DDR3MD71-HB0 (rev. 1.x)W771-Z00 (rev. 100)R133-X11 (rev. AAG1)lenovo-c460-all-in-oneGA-J1900N-D3V (rev. 1.x)MD60-SC0 (rev. 1.1)GA-H110M-HGB-BRi7-10710 (rev. 1.0)GA-X99-Gaming 7 WIFI (rev. 1.0)GA-B150N-GSMR262-ZA2GA-B150M-HD3 DDR3GB-BER7-5700GA-H170-Designare (rev. 1.0)GA-H110M-DS2 DDR3 (rev. 1.0)GA-N3150M-D3PGB-BXi7-4770R (rev. 1.0)MX32-4L0 (rev. 1.0)MB12-CE0 (rev. 100)GB-BACE-3150GA-H110M-Gaming 3 (rev. 1.0)GB-BSRE-1505 (rev. 1.0)GA-H77-DS3H (rev. 1.0)MD60-SC1 (rev. 1.1)GB-BSi3-1115G4 (rev. 1.0)GB-BKi7A-7500H230-R4C (rev. 100)GA-IMB1900NMZBSWAI (rev. 1.0)GA-P75-D3PR163-Z32 (rev. AAG1)G211-H4GMW31-SP0 (rev. 1.0)G250-G51 (rev. 400)alienware-aurora-r15-amd-desktopT181-Z70 (rev. A00)MFH27AI (rev. 1.0)MW34-SP0 (rev. 1.0)inspiron-3250-small-desktopG493-SB0G292-280 (rev. 100)R282-Z90 (rev. A00)GA-X99-Ultra GamingGA-Z170X-Gaming 6G262-IR0 (rev. 100)alienware-aurora-r13-desktopR121-340GA-H110NGA-B150M-D2V DDR3 (rev. 1.0)GB-BKi3A-7100 (rev. 1.0)R181-T90 (rev. 100)MF51-ES1 (rev. 1.0)R181-Z90 (rev. 100)R270-D70MZ71-CE0 (rev. 1.x)GA-X150M-PRO ECC (rev. 1.0)GA-H77N-WIFIG262-ZO0MZ33-CP0 (rev. 1.x)GA-H110M-S2HGA-H110M-D3H (rev. 1.0)GA-N3160TN (rev. 1.0)lenovo-erazer-x700-desktopGA-X150-PLUS WS (rev. 1.0)G493-ZB1 (rev. AAP1)R263-Z30 (rev. AAC1)hp-proone-400-g1-19.5-inch-non-touch-all-in-one-pcGB-BACE-3160GA-B150M-D2VGA-X99-UD4X299 AORUS Gaming 9 (rev. 1.0)MD72-HB2 (rev. 1.x)inspiron-17-5755-laptopalienware-13alienware-x17-r2-laptopMD72-HB1 (rev. 1.x)G492-H80MZ72-HB0 (rev. 3.0/4.0)GA-H110TN-MGA-B75N (rev. 1.0)GA-H110M-S2V DDR3 (rev. 1.0)MU72-SU0 (rev. 1.x/2.x)G180-G00 (rev. 100)D120-C20 (rev. 230)X299 AORUS Gaming 7 Pro (rev. 1.0)H253-Z10MB51-PS0 (rev. 1.0)H282-ZC0 (rev. A00)GB-BPCE-3455GA-X99-UD3P (rev. 1.0)H263-V11GA-H77M-HD3GA-N3050M-D3P (rev. 1.0)PRIMERGY TX100 S3pGA-Z170-HD3 DDR3 (rev. 1.0)GA-C1007UN-D (rev. 1.0)Studio Sys UPDlenovo-10w-type-82st-82suthinkcentre-edge-62zGA-Z170X-UD3 Ultra (rev. 1.0)GA-6LASL (rev. 1.0)S453-Z30R271-Z00 (rev. A00)TO25-Z11MZJ19AI (rev. 1.0)H23N-R4OGA-H110-D3EL-30 (rev. 1.0)GA-B75M-D3V (rev. 1.0)GB-BKi5HT-7200 (rev. 1.0)GA-X170-EXTREME ECCGA-H77-D3Hhp-compaq-pro-6305-microtower-pcG293-Z23MDH11BM (rev. 1.0)inspiron-24-3464-aioR143-EG0 (rev. AAC1)GA-X99-UD3GB-BEi7-1260 (rev. 1.0)MZ73-LM0 (rev. 2.x)H281-PE0MSQ77DI (rev. 1.1)C621-WD12-IPMI (rev. 1.0)GB-BPCE-3350C (rev. 1.0)GA-N3050N-D3H (rev. 1.0)H310NGA-N3150N-D3V (rev. 1.0)GA-Z68X-UD3R-B3GB-SIOPS-J1900 (rev. 1.0)GA-H110M-S2PV DDR3alienware-13-r2MATMH81 (rev. 1.0)GB-BSCEA-3955inspiron-5680-gaming-desktoplenovo-h520e-desktopG492-ID0 (rev. 100)J4005N D2PGA-X99-SOC ForceGB-BPCE-3350 (rev. 1.0)lenovo-62-desktopX299 AORUS Ultra Gaming Pro (rev. 1.0)GB-BACE-3000hp-z820-workstationGA-F2A85XM-D3HR182-34AG152-Z12R282-Z97 (rev. A00)GB-BSi7A-6600 (rev. 1.0)GB-BMPD-6005R163-Z30 (rev. AAB1)GA-B150M-D3VGA-H310TN-R2 (rev. 1.0)GA-H110M-S2PVMW21-SE0 (rev. 1.0)GA-Q87TN (rev. 1.0)E251-U70 (rev. 100)GB-BKi7HT2-7500 (rev. 1.0)GA-Z77X-UP5 TH (rev. 1.0)MQHUDVI (rev. 1.0)vostro-3252-small-desktopR263-Z33 (rev. AAL1)TO23-H60R182-NC0GA-H110M-DS2 (rev. 1.0/1.1/1.2)E162-220GA-B150-HD3 DDR3GA-Z77N-WIFIMC62-G41 (rev. 1.0)GA-B150M-HD3G291-280GA-H110TN-EGA-Z77P-D3PRIMERGY TX120 S3pC621-SU8 (rev. 1.0)GA-X150-PRO ECCGA-Z170X-Gaming 5 (rev. 1.0)GA-H110M-HD2 (rev. 1.0)R243-E30-AAC1X299 AORUS Ultra Gaming (rev. 1.0)MZAPLAI (rev. 1.0)GA-X99-Designare EXMU70-SU0 (rev. 1.0)GA-N3150N-D2H (rev. 1.0)alienware-15-r4GA-P67X-UD3-B3R152-Z30GA-N3160M-D3PE152-ZE0GA-B75M-HD3 (rev. 1.0)H263-V60 (rev. AAW1)H263-S62H261-Z60 (rev. 100)hp-elitedesk-800-g1-tower-pcxps-8950-desktopGA-H110M-DS2 (rev. 1.3)GB-BXi3-5010 (rev. 1.0)G191-H44GA-J1800N-D2PH (rev. 1.1)alienware-x15-r1-laptopGA-P110-D3iKBLMUx-DER(Volta Charging)GA-X99M-Gaming 5 (rev. 1.1)GA-7PXSL1 (rev. 1.0)H273-Z80H231-H60 (rev. 100/A00)R183-Z93 (rev. AAV1)GB-BSi5HT-6200 (rev. 1.0)G492-ZD2 (rev. A00)iAPLx-DE(TAA30 TEST)hp-z220-convertible-minitower-workstationGA-6UASL1 (rev. 1.0)GB-BXBT-3825 (rev. 1.0)GA-H110M-D3H R2 TPM (rev. 1.0)GA-Z68A-D3-B3 (rev. 1.0)MZBAYAI (rev. 1.0)GA-J1900M-D3PGA-H110M-S2HP (rev. 1.0)GB-SIOPS-4550U (rev. 1.0)hp-prodesk-600-g1-desktop-mini-pcGB-BSi5-1135G7G292-Z42 (rev. 100)W131-X30GA-Z77X-UD3Hinspiron-15-5552-laptopMJ11-EC0 (rev. 1.2)altos r680 f4GA-Z77MX-D3HC621-WD12H261-Z60GB-BNi5HG4-950GB-BSi5H-6200-B2-IW (rev. 1.0)GA-H61M-S1MZ33-AR0 (rev. 1.0)R282-Z93 (rev. A00)GA-J1800M-D2P-IN (rev. 1.1)MSH87FI (rev. 1.0)GA-B150N Phoenix (rev. 1.0)thinkcentre-m72zG482-Z54GA-Z77MX-D3H TH (rev. 1.0)GA-X99-Gaming G1 WIFI (rev. 1.0)G262-IR0GA-Z170MX-Gaming 5R162-ZA1GA-9SISL (rev. 1.2)ME03-PE0 (rev. 1.x)GA-Z68M-D2HGA-H310MSTX-HD3ME03-CE0 (rev. 1.0)GA-B150-HD3 (rev. 1.0)R133-X13 (rev. AAB1)GB-BXPi3-4010 (rev. 1.0)GB-BER7-5800GA-H170-Gaming 3GB-BXCE-2955 (rev. 1.0)GA-H170M-HD3 DDR3GB-BXi7G3-760GA-P67-DS3-B3W331-Z00 (rev. 100)G293-Z42 (rev. IAP1)GA-6UASL3 (rev. 1.x/2.x)GA-Z68AP-D3GA-Z68XP-UD3-iSSD (rev. 1.0)G1.Sniper M3GB-BSi7H-6500-LA-IW (rev. 1.0)GA-Z68P-DS3 (rev. 2.0)MD72-HB2 (rev. 1.x/2.x)GB-BRR7-4700GA-6LASH (rev. 1.0)GA-Z170M-D3H DDR3 (rev. 1.0)GA-Z68XP-UD3H262-PC2GA-Z68X-UD4-B3 (rev. 1.0)GB-BNi7G4-950 (rev. 1.0)MDH11JI (rev. 1.0)R163-Z35 (rev. AAC1)GB-BSRE-1605 (rev. 1.0)GA-B75-D3V (rev. 1.0)MZ72-HB0 (rev. 1.x)G291-2G0 (rev. 100)GA-B75M-D3H (rev. 1.0)hp-z420-workstationGB-BXi3-4010 (rev. 1.0)GA-SBC4100 (rev. 1.0)PRIMERGY CX420 S1 ChassisGA-H110M-S2 DDR3G492-ZD0GA-H77M-D3H (rev. 1.0)GA-Z170N-Gaming 5 (rev. 1.0)GA-6LISL (rev. 1.1)R182-NA0G293-Z20inspiron-3656-desktopTO25-S11 (rev. AA01)TO15-Z40GA-Z170XP-SLIc24-962GA-Z170X-DesignareGA-Z68A-D3H-B3 (rev. 1.0)GA-IMB4100TNinspiron-17-3782-laptopC621 AORUS XTREME (rev. 1.0)S453-S70GA-IMB1900TN (rev. 1.0)GA-B150M-DS3H (rev. 1.0)EL-20-3060-32G (rev. 1.0)X299 UD4 EX (rev. 1.0)H23N-H60G591-HS0MVBAYAI (rev. 1.0)G190-G30MX34-BS0 (rev. 1.0)altos r680s f4G242-Z11vostro-20-3015-aioinspiron-3655-desktopTO25-Z12 (rev. AA01)GB-BRR7-4800GA-P67A-D3-B3GA-F2A55M-DS2 (rev. 1.0)MD70-HB2 (rev. 1.0)GA-N3050N-D2P (rev. 1.0)H261-NO0GA-6LXSV (rev. 1.2)R163-S30 (rev. AAB1)GA-H110TN (rev. 1.0)GB-BACE-3010 (rev. 1.0)alienware-alphaGA-X99-UD4P (rev. 1.0)AU47 M1R161-340 (rev. 100/200)GA-H170-D3H (rev. 1.0)hp-z228-microtower-workstationG293-S45MW51-HP0 (rev. 1.x)R130-134vostro-20-3052-aioGA-Z77-D3HGA-J1800N-D2P (rev. 1.0)R281-3C2H262-Z6AH270-F4G (rev. 100)GB-BNi7HG4-950R182-340 (rev. 100)inspiron-one-23-2330-aioMX33-BS0 (rev. 1.x)GA-B75M-D2V (rev. 1.0)GA-H170N-WIFIGA-Z77X-D3H (rev. 1.0)GA-N3160N-D3V (rev. 1.0)R272-Z30 (rev. 100)GB-BXCE-3205MD80-TM0 (rev. 1.0)vz2694gH263-V60G363-ZR0G292-Z45S251-3O0 (rev. 100)GA-Z77X-UP4 TH (rev. 1.0)ME33-AR0 (rev. 1.0)G221-Z30R270-R3C (rev. 143)B760M D2HX LITE SI (rev. 1.0)GA-X99-UD5 WIFIR123-C00GB-BSi5A-6300 (rev. 1.0)inspiron-24-5459-aioH261-H61 (rev. 100)MD71-HB1 (rev. 1.x)alienware-aurora-r14-desktopG250-G50 (rev. 400)R292-4S0GA-E6010N (rev. 1.0)GB-BXi7-5500alienware-aurora-r15-desktopMC12-LE0 (rev. 1.x)E133-C10 (rev. AAA1)inspiron-22-3265-desktop-aioGA-J1800M-D3P (rev. 1.x)GA-B150-HD3PH262-NO0GA-B150N Phoenix-WIFI (rev. 1.0)GA-B150M-DS3H DDR3GB-KMA1 (rev. 1.0)G210-H4G (rev. 100)GA-Z68XP-UD3R (rev. 1.0)inspiron-15-3521-laptopH252-3C0 (rev. 100)S451-3R0GA-H61M-S2P-R3 (rev. 3.0)GB-BNi7HG4-1050Ti (rev. 1.0)W42G-P08RGB-KMA3 (rev. 1.0)G292-Z40GA-B75M-S (rev. 1.0)R263-Z34 (rev. AAH1)MZBAYVA (rev. 1.2)GA-Z170X-Gaming 7GA-H110M-M.2GA-H61TN (rev. 1.1)GB-BNi7HG6-1060 (rev. 1.0)GB-BRi7-10510 (rev. 1.0)R163-S35 (rev. AAH1)MDH11TI (rev. 1.0)GA-Z170X-SOC FORCEE133-C10MU71-SU0 (rev. 1.x)GA-6UASV3 (rev. 1.0)GA-H110M-S2PHX299 AORUS Gaming 7 (rev. 1.0)GA-J1800N-D2H (rev. 1.x)H223-Z10 (rev. AAP1)R283-ZF0 (rev. IAL1)GA-H310TN-CMG482-Z54 (rev. 100)GA-X150M-PLUS WSMW50-SV0 (rev. 1.0)GA-H110M-WWinspiron-3646-small-desktopG482-Z50MU92-TU1 (rev. 1.x/2.x)R283-Z94GA-B150M-D3V DDR3GA-H77-D3H-MVP (rev. 1.0)R162-ZA2GA-X99P-SLIG292-280G182-C20MX32-BS0 (rev. 1.0)G292-Z40 (rev. 100)GA-H97TN (rev. 1.0)GA-H110M-H DDR3GA-B75M-D3VR183-S90 (rev. LAD1)MF51-ES2 (rev. 1.0)
CVE-2021-36342
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 12.21%
||
7 Day CHG~0.00%
Published-24 Jan, 2022 | 20:10
Updated-23 Feb, 2026 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-embedded_box_pc_5000_firmwarealienware_aurora_r12_firmwarealienware_17_r4_firmwarelatitude_7200_2-in-1_firmwareprecision_3561_firmwareinspiron_5477_aiodell_g15_5510inspiron_15_3573_firmwarevostro_5501vostro_3401inspiron_3580inspiron_3480optiplex_3240_all-in-onelatitude_7520inspiron_3470_firmwarelatitude_9510_firmwareinspiron_5301_firmwaredell_g5_5590_firmwarelatitude_5310_firmwarevostro_3669vostro_14_5471_firmwarelatitude_3320vostro_13_5370latitude_5410_firmwarelatitude_7410inspiron_7706_2-in-1dell_g5_5590inspiron_3880_firmwareoptiplex_xe3inspiron_5770inspiron_7400precision_7550latitude_5488vostro_5490_firmwarelatitude_rugged_7424inspiron_5598latitude_7275_2-in-1_firmwareinspiron_5583_firmwarelatitude_3551_firmwareprecision_3440_firmwareinspiron_13_7378vostro_14_3478_firmwareinspiron_15_5578_firmwarelatitude_5500_firmwarealienware_area_51m_r1_firmwaredell_g7_7587_firmwarelatitude_e5470_firmwarevostro_3690optiplex_5250_firmwareinspiron_3490_firmwareoptiplex_7490_aiolatitude_5511_firmwareinspiron_3462_firmwareoptiplex_7460_all_in_onelatitude_3190_2-in-1latitude_5480_firmwareinspiron_5401inspiron_7400_firmwareprecision_7560inspiron_5590precision_3620_tower_firmwareoptiplex_7450_firmwareinspiron_7386inspiron_15_7573vostro_3562latitude_rugged_5424dell_g3_3590latitude_7310latitude_3500vostro_3470inspiron_7506_2-in-1_firmwarevostro_14_5468inspiron_3480_aioprecision_3930_rack_firmwareinspiron_7791latitude_5300_firmwaredell_g5_5000_firmwarevostro_3881_firmwareprecision_5530_2-in-1latitude_7290latitude_7414_rugged_extremevostro_5481latitude_5290_2-in-1_firmwarealienware_aurora_r8latitude_3590inspiron_7610_firmwarealienware_aurora_r12latitude_3480_firmwareinspiron_15_5582latitude_rugged_7220latitude_7380_firmwarelatitude_12_5289_2-in-1vostro_3581_firmwareinspiron_5410inspiron_3671inspiron_5409_firmwareoptiplex_7050_firmwareoptiplex_7090_tower_firmwareinspiron_14_3473inspiron_14_3473_firmwareprecision_7740precision_3450vostro_5880_firmwareoptiplex_3240_all-in-one_firmwareprecision_5820_tower_firmwarelatitude_3400inspiron_7500alienware_x15_r1vostro_5502_firmwaredell_g3_3779inspiron_5408inspiron_5580_firmwareoptiplex_5070inspiron_5480latitude_5420_firmwareprecision_3540latitude_5591vostro_3660precision_3541precision_3620_towervostro_5590_firmwarevostro_3400optiplex_7440_aio_firmwareinspiron_5391latitude_5175_firmwarelatitude_7480latitude_7210_2-in-1_firmwarelatitude_7400_2-in-1_firmwareinspiron_7777_aiovostro_15_5510_firmwarevostro_3401_firmwarelatitude_5400_firmwareinspiron_3502optiplex_7070precision_3431_tower_firmwaredell_g15_5511_firmwareinspiron_5400_2-in-1_firmwareinspiron_3782_firmwarevostro_3481_firmwarelatitude_5590_firmwareoptiplex_7090_uff_firmwareoptiplex_3050_firmwarevostro_3890optiplex_7780_all-in-onechengming_3980_firmwareprecision_5750_firmwareoptiplex_3046inspiron_5401_firmwarevostro_15_3578_firmwarevostro_3669_firmwarelatitude_9410inspiron_3593vostro_15_7580inspiron_7590precision_3520vostro_14_3468_firmwarealienware_15_r3_firmwareprecision_5510_firmwaredell_g5_5090dell_g7_7700vostro_15_3568alienware_m15_r4latitude_7480_firmwarelatitude_e5570latitude_7400_2-in-1alienware_m15_r1latitude_13_7390_2-in-1vostro_5090inspiron_3780_firmwarelatitude_5590alienware_13_r3_firmwarelatitude_5501latitude_rugged_7220exvostro_3670latitude_3400_firmwaredell_g3_3579vostro_5890latitude_7300optiplex_5080inspiron_3880latitude_5591_firmwarevostro_3582_firmwarelatitude_5501_firmwareinspiron_13_7370optiplex_5490_aiovostro_5581_firmwarelatitude_e5570_firmwareinspiron_3268vostro_3671_firmwarevostro_5402_firmwareinspiron_5580precision_7540vostro_15_5510precision_5540_firmwarevostro_3583inspiron_3477_aio_firmwareoptiplex_7070_uff_firmwareinspiron_7790_firmwarevostro_5591_firmwarealienware_m15_r3alienware_m17_r4_firmwarelatitude_5510inspiron_5481_firmwareprecision_3440inspiron_7380_firmwaredell_g7_7500_firmwareinspiron_13_7370_firmwarelatitude_5401vostro_5301latitude_rugged_7220_firmwarevostro_5490alienware_17_r5_firmwarelatitude_7320dell_g15_5511inspiron_3482_firmwareinspiron_5482_firmwarevostro_3584inspiron_15_7572_firmwarelatitude_e5270optiplex_3070latitude_3301vostro_3400_firmwareoptiplex_5040_firmwarevostro_5300inspiron_15_3567_firmwareinspiron_14_5410_firmwareinspiron_3472_firmwareinspiron_7786optiplex_7071alienware_area_51m_r1latitude_13_7389_2-in-1_firmwarelatitude_e5270_firmwareprecision_7730vostro_3890_firmwareinspiron_5406_2-in-1_firmwarelatitude_5580inspiron_15_5518optiplex_3080vostro_5502vostro_15_3568_firmwareinspiron_5598_firmwareinspiron_5490inspiron_5584vostro_3481precision_7760vostro_3501precision_7730_firmwaredell_g7_7587inspiron_5406_2-in-1vostro_5391_firmwarelatitude_12_7280_ultrabooklatitude_7320_detachable_firmwareoptiplex_7070_uffalienware_x15_r1_firmwareprecision_3550inspiron_7586_firmwarelatitude_5290_firmwarelatitude_3520latitude_3510inspiron_5593precision_5820_towerlatitude_5520inspiron_3670_firmwareinspiron_14_3467_firmwareoptiplex_3090latitude_5411_firmwareinspiron_13_7000_firmwarelatitude_5290_2-in-1inspiron_3668_firmwareoptiplex_7050inspiron_5300optiplex_7780_all-in-one_firmwarelatitude_5285_2-in-1optiplex_5260_all-in-oneinspiron_7501_firmwarevostro_3583_firmwareinspiron_5477_aio_firmwareinspiron_5391_firmwareinspiron_7580_firmwareoptiplex_7440_aioinspiron_7390_firmwarealienware_15_r3optiplex_5040precision_5510alienware_aurora_r11latitude_5401_firmwareinspiron_15_5566inspiron_15_gaming_7577_firmwaredell_g5_5500latitude_13_7370_ultrabookalienware_17_r5latitude_14_rugged_5414vostro_3671inspiron_5402_firmwareinspiron_7590_firmwarelatitude_5500inspiron_3582inspiron_7591_firmwareoptiplex_5270_all-in-onevostro_7500_firmwareinspiron_3472optiplex_3060_firmwarelatitude_5179_firmwareprecision_7530inspiron_5493_firmwareinspiron_5591_2-in-1_firmwarevostro_15_3572inspiron_3668precision_7560_firmwareinspiron_3881_firmwareinspiron_7490_firmwareprecision_5720_aiovostro_3501_firmwareinspiron_3476_firmwareinspiron_3781_firmwareinspiron_3790_firmwarelatitude_12_rugged_extreme_7214inspiron_3462vostro_15_5410_firmwareinspiron_3511_firmwarevostro_3668latitude_5421latitude_5280latitude_rugged_5420latitude_3310inspiron_5508precision_3240_cffinspiron_5491_2-in-1_firmwareoptiplex_3050_aio_firmwareoptiplex_5480_all-in-one_firmwarealienware_m17_r1_firmwareinspiron_5593_firmwarelatitude_5480vostro_5591inspiron_5481vostro_7510_firmwareoptiplex_3060inspiron_5310_firmwareinspiron_5491_2-in-1dell_g7_7700_firmwareinspiron_3471_firmwarelatitude_3420_firmwarevostro_5090_firmwareoptiplex_7480_all-in-oneoptiplex_3070_firmwarevostro_3581inspiron_13_7000vostro_5301_firmwarevostro_15_5410latitude_5490precision_5530latitude_7380inspiron_3481inspiron_3510inspiron_7391_firmwareinspiron_17_7773_firmwarealienware_area_51m_r2_firmwareoptiplex_3090_firmwarevostro_5300_firmwarevostro_5310_firmwareinspiron_5584_firmwarevostro_7590latitude_5175vostro_5590alienware_m17_r1precision_5530_2-in-1_firmwareinspiron_3502_firmwarelatitude_3570_firmwareinspiron_7391inspiron_7390latitude_9420_firmwareinspiron_5480_firmwarevostro_14_3468dell_g15_5510_firmwarevostro_3490_firmwaredell_g7_7588_firmwareinspiron_5370precision_3560_firmwaredell_g7_7500optiplex_5080_firmwarealienware_m17_r3_firmwareinspiron_13_5379latitude_5510_firmwaredell_g5_5090_firmwarevostro_3888_firmwareinspiron_15_5518_firmwarealienware_x17_r1_firmwareinspiron_3671_firmwarelatitude_3490latitude_3510_firmwareinspiron_5300_firmwarelatitude_3190vostro_15_7570alienware_15_r4precision_7920_tower_firmwareinspiron_7501inspiron_5502_firmwarelatitude_5320_firmwareinspiron_13_7373_firmwareinspiron_5490_aiooptiplex_3050_aiochengming_3988_firmwareinspiron_7706_2-in-1_firmwareinspiron_3576inspiron_13_5378inspiron_13_5378_firmwarechengming_3988latitude_12_7280_ultrabook_firmwareinspiron_3582_firmwarevostro_3582inspiron_3782latitude_12_5289_2-in-1_firmwarelatitude_5290inspiron_3490latitude_5421_firmwareprecision_7510alienware_area_51m_r2optiplex_5270_all-in-one_firmwareprecision_5520vostro_3580_firmwarelatitude_5420inspiron_13_7378_firmwaredell_g7_7790latitude_5285_2-in-1_firmwarevostro_3480_firmwareinspiron_7300_firmwarelatitude_5400inspiron_3280_firmwarelatitude_rugged_7220ex_firmwareprecision_3630_tower_firmwarealienware_m17_r4latitude_5320inspiron_5491_aio_firmwareinspiron_5409vostro_3590optiplex_5090_towerinspiron_3501inspiron_3482inspiron_7510_firmwarelatitude_3380_firmwarevostro_5401precision_7920_toweroptiplex_7460_all_in_one_firmwareinspiron_5509_firmwarevostro_3471vostro_14_5471inspiron_3780latitude_5288_firmwarevostro_3268_firmwarevostro_15_7580_firmwareinspiron_7510precision_3450_firmwareprecision_3541_firmwareinspiron_5570_firmwarealienware_15_r4_firmwaredell_g3_3500_firmwareinspiron_13_5379_firmwareprecision_3420_tower_firmwarechengming_3990_firmwareinspiron_5591_2-in-1latitude_7320_detachableinspiron_7306_2-in-1latitude_3580latitude_3380latitude_7210_2-in-1vostro_5391inspiron_5590_firmwareinspiron_7380optiplex_7470_all-in-oneinspiron_3480_firmwareinspiron_15_7572inspiron_3481_firmwarelatitude_3120_firmwareprecision_7510_firmwarelatitude_7290_firmwareinspiron_3580_firmwareinspiron_3576_firmwareinspiron_5402vostro_3580latitude_7410_firmwareinspiron_7791_firmwareinspiron_5493inspiron_5501_firmwarelatitude_3490_firmwarelatitude_13_7389_2-in-1precision_7540_firmwareoptiplex_5060latitude_7390precision_5550_firmwareinspiron_15_5566_firmwareprecision_7520latitude_e7470_firmwarelatitude_rugged_5420_firmwareprecision_7760_firmwareinspiron_7700_aio_firmwarelatitude_5491inspiron_14_5410inspiron_15_5579precision_7550_firmwareprecision_7720_firmwarevostro_15_3578vostro_15_7570_firmwaredell_g3_3779_firmwarelatitude_5490_firmwareoptiplex_7770_all-in-one_firmwarelatitude_3500_firmwareinspiron_3593_firmwarevostro_15_3572_firmwarealienware_aurora_r8_firmwarealienware_m15_r2optiplex_7770_all-in-onedell_g3_3500latitude_3520_firmwarelatitude_7490_firmwareoptiplex_7760_aioinspiron_3277_aiolatitude_5310latitude_3470vostro_3590_firmwarelatitude_7390_firmwareinspiron_5400_aio_firmwarelatitude_3480chengming_3980inspiron_3590_firmwareinspiron_5400_aiochengming_3990inspiron_3471inspiron_13_7373precision_7530_firmwareinspiron_5301latitude_12_rugged_tablet_7212optiplex_7080inspiron_3493_firmwarevostro_3470_firmwareinspiron_7506_2-in-1inspiron_7300_2-in-1_firmwareinspiron_3470inspiron_3268_firmwarelatitude_3190_2-in-1_firmwarevostro_3681latitude_3320_firmwareinspiron_7306_2-in-1_firmwareoptiplex_5060_firmwareoptiplex_5050inspiron_3476chengming_3977_firmwareinspiron_5501optiplex_5090_tower_firmwareinspiron_7472latitude_14_rugged_5414_firmwareinspiron_5594_firmwarevostro_3510chengming_3991inspiron_3781inspiron_15_7570inspiron_15_3567vostro_3667_firmwarelatitude_3189_firmwarelatitude_3180_firmwareoptiplex_3050optiplex_3280_all-in-one_firmwarevostro_3490latitude_12_rugged_tablet_7212_firmwarelatitude_3379_firmwareprecision_7520_firmwarevostro_3670_firmwarelatitude_3310_2-in-1latitude_5300_2-in-1latitude_5179latitude_7490latitude_3570inspiron_7591inspiron_5594inspiron_3511latitude_3180latitude_3190_firmwarevostro_3268latitude_e7470vostro_3584_firmwarelatitude_3300_firmwareprecision_7710_firmwarevostro_5401_firmwarelatitude_7414_rugged_extreme_firmwareprecision_3630_towervostro_3070_firmwarevostro_15_5568_firmwarelatitude_7275_2-in-1precision_3640vostro_13_5370_firmwarelatitude_7300_firmwareoptiplex_3280_all-in-oneoptiplex_7090_uffvostro_5481_firmwaredell_g7_7590_firmwarevostro_5890_firmwareinspiron_5498latitude_7400_firmwareinspiron_3280vostro_3510_firmwareoptiplex_5250inspiron_3881inspiron_3501_firmwareoptiplex_7080_firmwarelatitude_5491_firmwarelatitude_9420dell_g5_5500_firmwarelatitude_rugged_5424_firmwareoptiplex_7760_aio_firmwareinspiron_15_7573_firmwarevostro_3660_firmwareinspiron_5491_aiovostro_3681_firmwarelatitude_3590_firmwareoptiplex_5490_aio_firmwarealienware_aurora_r11_firmwarelatitude_5520_firmwareinspiron_5498_firmwarelatitude_9520_firmwarelatitude_13_7390_2-in-1_firmwareoptiplex_3046_firmwareinspiron_5410_firmwareprecision_7750_firmwarevostro_3267_firmwareinspiron_3581_firmwarelatitude_rugged_7424_firmwaredell_g3_3590_firmwarelatitude_12_7285alienware_m15_r2_firmwareprecision_3430_tower_firmwareinspiron_5390_firmwarelatitude_3379latitude_7420_firmwarevostro_5491inspiron_3480_aio_firmwareoptiplex_7040_firmwareprecision_7710alienware_m15_r1_firmwarealienware_13_r3optiplex_7490_aio_firmwarelatitude_7310_firmwareinspiron_15_gaming_7577vostro_3562_firmwarevostro_14_5468_firmwarelatitude_12_rugged_extreme_7214_firmwarelatitude_3551vostro_5390_firmwarelatitude_5300_2-in-1_firmwareprecision_3420_towerinspiron_3581latitude_3410precision_3520_firmwareinspiron_5494latitude_5310_2_in_1vostro_5501_firmwarelatitude_9410_firmwareinspiron_7500_2-in-1latitude_5411vostro_3471_firmwareinspiron_7580inspiron_3891_firmwareinspiron_5770_firmwarevostro_3070latitude_7320_firmwareoptiplex_5480_all-in-oneoptiplex_xe3_firmwareinspiron_15_3573precision_5530_firmwareinspiron_7300inspiron_3891optiplex_3040_firmwareembedded_box_pc_5000optiplex_7450vostro_5402vostro_14_3478inspiron_7777_aio_firmwareprecision_3240_cff_firmwareinspiron_5509vostro_3500inspiron_7790precision_3430_towerinspiron_5390latitude_3390latitude_5300inspiron_17_7773latitude_5521_firmwareinspiron_7300_2-in-1latitude_3300optiplex_5070_firmwarealienware_17_r4vostro_5310vostro_7510vostro_3500_firmwarevostro_7500inspiron_7386_firmwarevostro_3690_firmwarealienware_m15_r3_firmwareinspiron_3590latitude_5521latitude_9510optiplex_7070_firmwareoptiplex_7090_toweralienware_aurora_r9_firmwarelatitude_7400vostro_15_5568latitude_5288vostro_3881precision_3530precision_3930_rackinspiron_3670inspiron_5508_firmwareinspiron_7500_2-in-1_firmwareoptiplex_5050_firmwarelatitude_5488_firmwareinspiron_3790alienware_m15_r4_firmwarechengming_3977optiplex_3040optiplex_3080_firmwareinspiron_7472_firmwareinspiron_5401_aio_firmwarelatitude_3470_firmwareprecision_7720inspiron_5401_aiolatitude_3420inspiron_14_3467inspiron_5583latitude_3310_firmwareoptiplex_7480_all-in-one_firmwareinspiron_3793_firmwarelatitude_3410_firmwaredell_g7_7588precision_5720_aio_firmwarelatitude_5511precision_3510precision_7820_tower_firmwareinspiron_5408_firmwarelatitude_3189latitude_7200_2-in-1vostro_3668_firmwareprecision_3510_firmwareprecision_7820_towerinspiron_15_5582_firmwarealienware_m17_r3inspiron_15_7570_firmwarealienware_x17_r1dell_g7_7590inspiron_5400_2-in-1inspiron_5482inspiron_7700_aiovostro_7590_firmwarealienware_m17_r2latitude_5410latitude_7420optiplex_5260_all-in-one_firmwareprecision_5520_firmwareinspiron_5494_firmwareinspiron_5310precision_3640_firmwarelatitude_5280_firmwareinspiron_5490_aio_firmwareoptiplex_7060inspiron_3510_firmwareprecision_5550vostro_3888precision_3560latitude_3301_firmwarelatitude_e7270latitude_3120precision_3540_firmwarelatitude_12_7285_firmwareoptiplex_7040precision_3550_firmwareinspiron_15_5579_firmwareoptiplex_7470_all-in-one_firmwareprecision_7750alienware_aurora_r9dell_g3_3579_firmwarelatitude_3580_firmwareinspiron_5570precision_3530_firmwareprecision_7740_firmwaredell_g5_5000vostro_5491_firmwareinspiron_7586vostro_5390precision_3431_towerprecision_3561vostro_5880inspiron_3793latitude_3390_firmwareinspiron_15_5578inspiron_5680vostro_3667latitude_e7270_firmwareprecision_5750inspiron_7500_firmwareinspiron_7490chengming_3991_firmwareinspiron_3277_aio_firmwarelatitude_5580_firmwareinspiron_5680_firmwareoptiplex_7060_firmwareinspiron_7786_firmwareinspiron_5490_firmwarelatitude_7520_firmwarelatitude_3310_2-in-1_firmwarevostro_5581latitude_5310_2_in_1_firmwarelatitude_13_7370_ultrabook_firmwareinspiron_5370_firmwarealienware_m17_r2_firmwareinspiron_5502vostro_3480latitude_9520precision_5540inspiron_3493optiplex_7071_firmwarelatitude_e5470inspiron_7610dell_g7_7790_firmwarevostro_3267inspiron_3477_aioCPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2021-36343
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 12.21%
||
7 Day CHG~0.00%
Published-24 Jan, 2022 | 20:10
Updated-23 Feb, 2026 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-embedded_box_pc_5000_firmwarealienware_aurora_r12_firmwarealienware_17_r4_firmwarelatitude_7200_2-in-1_firmwareprecision_3561_firmwareinspiron_5477_aiodell_g15_5510inspiron_15_3573_firmwarevostro_5501vostro_3401inspiron_3580inspiron_3480optiplex_3240_all-in-onelatitude_7520inspiron_3470_firmwarelatitude_9510_firmwareinspiron_5301_firmwaredell_g5_5590_firmwarelatitude_5310_firmwarevostro_3669vostro_14_5471_firmwarelatitude_3320vostro_13_5370latitude_5410_firmwarelatitude_7410inspiron_7706_2-in-1dell_g5_5590inspiron_3880_firmwareoptiplex_xe3inspiron_5770inspiron_7400precision_7550latitude_5488vostro_5490_firmwarelatitude_rugged_7424inspiron_5598latitude_7275_2-in-1_firmwareinspiron_5583_firmwarelatitude_3551_firmwareprecision_3440_firmwareinspiron_13_7378vostro_14_3478_firmwareinspiron_15_5578_firmwarelatitude_5500_firmwarealienware_area_51m_r1_firmwaredell_g7_7587_firmwarelatitude_e5470_firmwarevostro_3690optiplex_5250_firmwareinspiron_3490_firmwareoptiplex_7490_aiolatitude_5511_firmwareinspiron_3462_firmwareoptiplex_7460_all_in_onelatitude_3190_2-in-1latitude_5480_firmwareinspiron_5401inspiron_7400_firmwareprecision_7560inspiron_5590precision_3620_tower_firmwareoptiplex_7450_firmwareinspiron_7386inspiron_15_7573vostro_3562latitude_rugged_5424dell_g3_3590latitude_7310latitude_3500vostro_3470inspiron_7506_2-in-1_firmwarevostro_14_5468inspiron_3480_aioprecision_3930_rack_firmwareinspiron_7791latitude_5300_firmwaredell_g5_5000_firmwarevostro_3881_firmwareprecision_5530_2-in-1latitude_7290latitude_7414_rugged_extremevostro_5481latitude_5290_2-in-1_firmwarealienware_aurora_r8latitude_3590inspiron_7610_firmwarealienware_aurora_r12latitude_3480_firmwareinspiron_15_5582latitude_rugged_7220latitude_7380_firmwarelatitude_12_5289_2-in-1vostro_3581_firmwareinspiron_5410inspiron_3671inspiron_5409_firmwareoptiplex_7050_firmwareoptiplex_7090_tower_firmwareinspiron_14_3473inspiron_14_3473_firmwareprecision_7740precision_3450vostro_5880_firmwareoptiplex_3240_all-in-one_firmwareprecision_5820_tower_firmwarelatitude_3400inspiron_7500alienware_x15_r1vostro_5502_firmwaredell_g3_3779inspiron_5408inspiron_5580_firmwareoptiplex_5070inspiron_5480latitude_5420_firmwareprecision_3540latitude_5591vostro_3660precision_3541precision_3620_towervostro_5590_firmwarevostro_3400optiplex_7440_aio_firmwareinspiron_5391latitude_5175_firmwarelatitude_7480latitude_7210_2-in-1_firmwarelatitude_7400_2-in-1_firmwareinspiron_7777_aiovostro_15_5510_firmwarevostro_3401_firmwarelatitude_5400_firmwareinspiron_3502optiplex_7070precision_3431_tower_firmwaredell_g15_5511_firmwareinspiron_5400_2-in-1_firmwareinspiron_3782_firmwarevostro_3481_firmwarelatitude_5590_firmwareoptiplex_7090_uff_firmwareoptiplex_3050_firmwarevostro_3890optiplex_7780_all-in-onechengming_3980_firmwareprecision_5750_firmwareoptiplex_3046inspiron_5401_firmwarevostro_15_3578_firmwarevostro_3669_firmwarelatitude_9410inspiron_3593vostro_15_7580inspiron_7590precision_3520vostro_14_3468_firmwarealienware_15_r3_firmwareprecision_5510_firmwaredell_g5_5090dell_g7_7700vostro_15_3568alienware_m15_r4latitude_7480_firmwarelatitude_e5570latitude_7400_2-in-1alienware_m15_r1latitude_13_7390_2-in-1vostro_5090inspiron_3780_firmwarelatitude_5590alienware_13_r3_firmwarelatitude_5501latitude_rugged_7220exvostro_3670latitude_3400_firmwaredell_g3_3579vostro_5890latitude_7300optiplex_5080inspiron_3880latitude_5591_firmwarevostro_3582_firmwarelatitude_5501_firmwareinspiron_13_7370optiplex_5490_aiovostro_5581_firmwarelatitude_e5570_firmwareinspiron_3268vostro_3671_firmwarevostro_5402_firmwareinspiron_5580precision_7540vostro_15_5510precision_5540_firmwarevostro_3583inspiron_3477_aio_firmwareoptiplex_7070_uff_firmwareinspiron_7790_firmwarevostro_5591_firmwarealienware_m15_r3alienware_m17_r4_firmwarelatitude_5510inspiron_5481_firmwareprecision_3440inspiron_7380_firmwaredell_g7_7500_firmwareinspiron_13_7370_firmwarelatitude_5401vostro_5301latitude_rugged_7220_firmwarevostro_5490alienware_17_r5_firmwarelatitude_7320dell_g15_5511inspiron_3482_firmwareinspiron_5482_firmwarevostro_3584inspiron_15_7572_firmwarelatitude_e5270optiplex_3070latitude_3301vostro_3400_firmwareoptiplex_5040_firmwarevostro_5300inspiron_15_3567_firmwareinspiron_14_5410_firmwareinspiron_3472_firmwareinspiron_7786optiplex_7071alienware_area_51m_r1latitude_13_7389_2-in-1_firmwarelatitude_e5270_firmwareprecision_7730vostro_3890_firmwareinspiron_5406_2-in-1_firmwarelatitude_5580inspiron_15_5518optiplex_3080vostro_5502vostro_15_3568_firmwareinspiron_5598_firmwareinspiron_5490inspiron_5584vostro_3481precision_7760vostro_3501precision_7730_firmwaredell_g7_7587inspiron_5406_2-in-1vostro_5391_firmwarelatitude_12_7280_ultrabooklatitude_7320_detachable_firmwareoptiplex_7070_uffalienware_x15_r1_firmwareprecision_3550inspiron_7586_firmwarelatitude_5290_firmwarelatitude_3520latitude_3510inspiron_5593precision_5820_towerlatitude_5520inspiron_3670_firmwareinspiron_14_3467_firmwareoptiplex_3090latitude_5411_firmwareinspiron_13_7000_firmwarelatitude_5290_2-in-1inspiron_3668_firmwareoptiplex_7050inspiron_5300optiplex_7780_all-in-one_firmwarelatitude_5285_2-in-1optiplex_5260_all-in-oneinspiron_7501_firmwarevostro_3583_firmwareinspiron_5477_aio_firmwareinspiron_5391_firmwareinspiron_7580_firmwareoptiplex_7440_aioinspiron_7390_firmwarealienware_15_r3optiplex_5040precision_5510alienware_aurora_r11latitude_5401_firmwareinspiron_15_5566inspiron_15_gaming_7577_firmwaredell_g5_5500latitude_13_7370_ultrabookalienware_17_r5latitude_14_rugged_5414vostro_3671inspiron_5402_firmwareinspiron_7590_firmwarelatitude_5500inspiron_3582inspiron_7591_firmwareoptiplex_5270_all-in-onevostro_7500_firmwareinspiron_3472optiplex_3060_firmwarelatitude_5179_firmwareprecision_7530inspiron_5493_firmwareinspiron_5591_2-in-1_firmwarevostro_15_3572inspiron_3668precision_7560_firmwareinspiron_3881_firmwareinspiron_7490_firmwareprecision_5720_aiovostro_3501_firmwareinspiron_3476_firmwareinspiron_3781_firmwareinspiron_3790_firmwarelatitude_12_rugged_extreme_7214inspiron_3462vostro_15_5410_firmwareinspiron_3511_firmwarevostro_3668latitude_5421latitude_5280latitude_rugged_5420latitude_3310inspiron_5508precision_3240_cffinspiron_5491_2-in-1_firmwareoptiplex_3050_aio_firmwareoptiplex_5480_all-in-one_firmwarealienware_m17_r1_firmwareinspiron_5593_firmwarelatitude_5480vostro_5591inspiron_5481vostro_7510_firmwareoptiplex_3060inspiron_5310_firmwareinspiron_5491_2-in-1dell_g7_7700_firmwareinspiron_3471_firmwarelatitude_3420_firmwarevostro_5090_firmwareoptiplex_7480_all-in-oneoptiplex_3070_firmwarevostro_3581inspiron_13_7000vostro_5301_firmwarevostro_15_5410latitude_5490precision_5530latitude_7380inspiron_3481inspiron_3510inspiron_7391_firmwareinspiron_17_7773_firmwarealienware_area_51m_r2_firmwareoptiplex_3090_firmwarevostro_5300_firmwarevostro_5310_firmwareinspiron_5584_firmwarevostro_7590latitude_5175vostro_5590alienware_m17_r1precision_5530_2-in-1_firmwareinspiron_3502_firmwarelatitude_3570_firmwareinspiron_7391inspiron_7390latitude_9420_firmwareinspiron_5480_firmwarevostro_14_3468dell_g15_5510_firmwarevostro_3490_firmwaredell_g7_7588_firmwareinspiron_5370precision_3560_firmwaredell_g7_7500optiplex_5080_firmwarealienware_m17_r3_firmwareinspiron_13_5379latitude_5510_firmwaredell_g5_5090_firmwarevostro_3888_firmwareinspiron_15_5518_firmwarealienware_x17_r1_firmwareinspiron_3671_firmwarelatitude_3490latitude_3510_firmwareinspiron_5300_firmwarelatitude_3190vostro_15_7570alienware_15_r4precision_7920_tower_firmwareinspiron_7501inspiron_5502_firmwarelatitude_5320_firmwareinspiron_13_7373_firmwareinspiron_5490_aiooptiplex_3050_aiochengming_3988_firmwareinspiron_7706_2-in-1_firmwareinspiron_3576inspiron_13_5378inspiron_13_5378_firmwarechengming_3988latitude_12_7280_ultrabook_firmwareinspiron_3582_firmwarevostro_3582inspiron_3782latitude_12_5289_2-in-1_firmwarelatitude_5290inspiron_3490latitude_5421_firmwareprecision_7510alienware_area_51m_r2optiplex_5270_all-in-one_firmwareprecision_5520vostro_3580_firmwarelatitude_5420inspiron_13_7378_firmwaredell_g7_7790latitude_5285_2-in-1_firmwarevostro_3480_firmwareinspiron_7300_firmwarelatitude_5400inspiron_3280_firmwarelatitude_rugged_7220ex_firmwareprecision_3630_tower_firmwarealienware_m17_r4latitude_5320inspiron_5491_aio_firmwareinspiron_5409vostro_3590optiplex_5090_towerinspiron_3501inspiron_3482inspiron_7510_firmwarelatitude_3380_firmwarevostro_5401precision_7920_toweroptiplex_7460_all_in_one_firmwareinspiron_5509_firmwarevostro_3471vostro_14_5471inspiron_3780latitude_5288_firmwarevostro_3268_firmwarevostro_15_7580_firmwareinspiron_7510precision_3450_firmwareprecision_3541_firmwareinspiron_5570_firmwarealienware_15_r4_firmwaredell_g3_3500_firmwareinspiron_13_5379_firmwareprecision_3420_tower_firmwarechengming_3990_firmwareinspiron_5591_2-in-1latitude_7320_detachableinspiron_7306_2-in-1latitude_3580latitude_3380latitude_7210_2-in-1vostro_5391inspiron_5590_firmwareinspiron_7380optiplex_7470_all-in-oneinspiron_3480_firmwareinspiron_15_7572inspiron_3481_firmwarelatitude_3120_firmwareprecision_7510_firmwarelatitude_7290_firmwareinspiron_3580_firmwareinspiron_3576_firmwareinspiron_5402vostro_3580latitude_7410_firmwareinspiron_7791_firmwareinspiron_5493inspiron_5501_firmwarelatitude_3490_firmwarelatitude_13_7389_2-in-1precision_7540_firmwareoptiplex_5060latitude_7390precision_5550_firmwareinspiron_15_5566_firmwareprecision_7520latitude_e7470_firmwarelatitude_rugged_5420_firmwareprecision_7760_firmwareinspiron_7700_aio_firmwarelatitude_5491inspiron_14_5410inspiron_15_5579precision_7550_firmwareprecision_7720_firmwarevostro_15_3578vostro_15_7570_firmwaredell_g3_3779_firmwarelatitude_5490_firmwareoptiplex_7770_all-in-one_firmwarelatitude_3500_firmwareinspiron_3593_firmwarevostro_15_3572_firmwarealienware_aurora_r8_firmwarealienware_m15_r2optiplex_7770_all-in-onedell_g3_3500latitude_3520_firmwarelatitude_7490_firmwareoptiplex_7760_aioinspiron_3277_aiolatitude_5310latitude_3470vostro_3590_firmwarelatitude_7390_firmwareinspiron_5400_aio_firmwarelatitude_3480chengming_3980inspiron_3590_firmwareinspiron_5400_aiochengming_3990inspiron_3471inspiron_13_7373precision_7530_firmwareinspiron_5301latitude_12_rugged_tablet_7212optiplex_7080inspiron_3493_firmwarevostro_3470_firmwareinspiron_7506_2-in-1inspiron_7300_2-in-1_firmwareinspiron_3470inspiron_3268_firmwarelatitude_3190_2-in-1_firmwarevostro_3681latitude_3320_firmwareinspiron_7306_2-in-1_firmwareoptiplex_5060_firmwareoptiplex_5050inspiron_3476chengming_3977_firmwareinspiron_5501optiplex_5090_tower_firmwareinspiron_7472latitude_14_rugged_5414_firmwareinspiron_5594_firmwarevostro_3510chengming_3991inspiron_3781inspiron_15_7570inspiron_15_3567vostro_3667_firmwarelatitude_3189_firmwarelatitude_3180_firmwareoptiplex_3050optiplex_3280_all-in-one_firmwarevostro_3490latitude_12_rugged_tablet_7212_firmwarelatitude_3379_firmwareprecision_7520_firmwarevostro_3670_firmwarelatitude_3310_2-in-1latitude_5300_2-in-1latitude_5179latitude_7490latitude_3570inspiron_7591inspiron_5594inspiron_3511latitude_3180latitude_3190_firmwarevostro_3268latitude_e7470vostro_3584_firmwarelatitude_3300_firmwareprecision_7710_firmwarevostro_5401_firmwarelatitude_7414_rugged_extreme_firmwareprecision_3630_towervostro_3070_firmwarevostro_15_5568_firmwarelatitude_7275_2-in-1precision_3640vostro_13_5370_firmwarelatitude_7300_firmwareoptiplex_3280_all-in-oneoptiplex_7090_uffvostro_5481_firmwaredell_g7_7590_firmwarevostro_5890_firmwareinspiron_5498latitude_7400_firmwareinspiron_3280vostro_3510_firmwareoptiplex_5250inspiron_3881inspiron_3501_firmwareoptiplex_7080_firmwarelatitude_5491_firmwarelatitude_9420dell_g5_5500_firmwarelatitude_rugged_5424_firmwareoptiplex_7760_aio_firmwareinspiron_15_7573_firmwarevostro_3660_firmwareinspiron_5491_aiovostro_3681_firmwarelatitude_3590_firmwareoptiplex_5490_aio_firmwarealienware_aurora_r11_firmwarelatitude_5520_firmwareinspiron_5498_firmwarelatitude_9520_firmwarelatitude_13_7390_2-in-1_firmwareoptiplex_3046_firmwareinspiron_5410_firmwareprecision_7750_firmwarevostro_3267_firmwareinspiron_3581_firmwarelatitude_rugged_7424_firmwaredell_g3_3590_firmwarelatitude_12_7285alienware_m15_r2_firmwareprecision_3430_tower_firmwareinspiron_5390_firmwarelatitude_3379latitude_7420_firmwarevostro_5491inspiron_3480_aio_firmwareoptiplex_7040_firmwareprecision_7710alienware_m15_r1_firmwarealienware_13_r3optiplex_7490_aio_firmwarelatitude_7310_firmwareinspiron_15_gaming_7577vostro_3562_firmwarevostro_14_5468_firmwarelatitude_12_rugged_extreme_7214_firmwarelatitude_3551vostro_5390_firmwarelatitude_5300_2-in-1_firmwareprecision_3420_towerinspiron_3581latitude_3410precision_3520_firmwareinspiron_5494latitude_5310_2_in_1vostro_5501_firmwarelatitude_9410_firmwareinspiron_7500_2-in-1latitude_5411vostro_3471_firmwareinspiron_7580inspiron_3891_firmwareinspiron_5770_firmwarevostro_3070latitude_7320_firmwareoptiplex_5480_all-in-oneoptiplex_xe3_firmwareinspiron_15_3573precision_5530_firmwareinspiron_7300inspiron_3891optiplex_3040_firmwareembedded_box_pc_5000optiplex_7450vostro_5402vostro_14_3478inspiron_7777_aio_firmwareprecision_3240_cff_firmwareinspiron_5509vostro_3500inspiron_7790precision_3430_towerinspiron_5390latitude_3390latitude_5300inspiron_17_7773latitude_5521_firmwareinspiron_7300_2-in-1latitude_3300optiplex_5070_firmwarealienware_17_r4vostro_5310vostro_7510vostro_3500_firmwarevostro_7500inspiron_7386_firmwarevostro_3690_firmwarealienware_m15_r3_firmwareinspiron_3590latitude_5521latitude_9510optiplex_7070_firmwareoptiplex_7090_toweralienware_aurora_r9_firmwarelatitude_7400vostro_15_5568latitude_5288vostro_3881precision_3530precision_3930_rackinspiron_3670inspiron_5508_firmwareinspiron_7500_2-in-1_firmwareoptiplex_5050_firmwarelatitude_5488_firmwareinspiron_3790alienware_m15_r4_firmwarechengming_3977optiplex_3040optiplex_3080_firmwareinspiron_7472_firmwareinspiron_5401_aio_firmwarelatitude_3470_firmwareprecision_7720inspiron_5401_aiolatitude_3420inspiron_14_3467inspiron_5583latitude_3310_firmwareoptiplex_7480_all-in-one_firmwareinspiron_3793_firmwarelatitude_3410_firmwaredell_g7_7588precision_5720_aio_firmwarelatitude_5511precision_3510precision_7820_tower_firmwareinspiron_5408_firmwarelatitude_3189latitude_7200_2-in-1vostro_3668_firmwareprecision_3510_firmwareprecision_7820_towerinspiron_15_5582_firmwarealienware_m17_r3inspiron_15_7570_firmwarealienware_x17_r1dell_g7_7590inspiron_5400_2-in-1inspiron_5482inspiron_7700_aiovostro_7590_firmwarealienware_m17_r2latitude_5410latitude_7420optiplex_5260_all-in-one_firmwareprecision_5520_firmwareinspiron_5494_firmwareinspiron_5310precision_3640_firmwarelatitude_5280_firmwareinspiron_5490_aio_firmwareoptiplex_7060inspiron_3510_firmwareprecision_5550vostro_3888precision_3560latitude_3301_firmwarelatitude_e7270latitude_3120precision_3540_firmwarelatitude_12_7285_firmwareoptiplex_7040precision_3550_firmwareinspiron_15_5579_firmwareoptiplex_7470_all-in-one_firmwareprecision_7750alienware_aurora_r9dell_g3_3579_firmwarelatitude_3580_firmwareinspiron_5570precision_3530_firmwareprecision_7740_firmwaredell_g5_5000vostro_5491_firmwareinspiron_7586vostro_5390precision_3431_towerprecision_3561vostro_5880inspiron_3793latitude_3390_firmwareinspiron_15_5578inspiron_5680vostro_3667latitude_e7270_firmwareprecision_5750inspiron_7500_firmwareinspiron_7490chengming_3991_firmwareinspiron_3277_aio_firmwarelatitude_5580_firmwareinspiron_5680_firmwareoptiplex_7060_firmwareinspiron_7786_firmwareinspiron_5490_firmwarelatitude_7520_firmwarelatitude_3310_2-in-1_firmwarevostro_5581latitude_5310_2_in_1_firmwarelatitude_13_7370_ultrabook_firmwareinspiron_5370_firmwarealienware_m17_r2_firmwareinspiron_5502vostro_3480latitude_9520precision_5540inspiron_3493optiplex_7071_firmwarelatitude_e5470inspiron_7610dell_g7_7790_firmwarevostro_3267inspiron_3477_aioCPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2021-36293
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.06% / 17.26%
||
7 Day CHG~0.00%
Published-08 Apr, 2022 | 19:50
Updated-17 Sep, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-vnxe1600vnx5600vnx5400vnx5800vnx_vg10emc_unity_operating_environmentvnx5200vnx_vg50vnx7600vnx8000VNX2
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-21595
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.14% / 33.16%
||
7 Day CHG~0.00%
Published-16 Aug, 2021 | 22:00
Updated-17 Sep, 2024 | 00:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-23862
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.27%
||
7 Day CHG+0.01%
Published-16 Mar, 2026 | 17:28
Updated-17 Mar, 2026 | 14:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Action-Not Available
Vendor-Dell Inc.
Product-ThinOS 10
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-23778
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.04% / 13.41%
||
7 Day CHG-0.00%
Published-17 Apr, 2026 | 08:33
Updated-20 Apr, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to gain root-level access.

Action-Not Available
Vendor-Dell Inc.
Product-powerprotect_dp_series_appliancedata_domain_operating_systemPowerProtect Data Domain
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-23779
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.60%
||
7 Day CHG~0.00%
Published-17 Apr, 2026 | 09:04
Updated-20 Apr, 2026 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain root-level access.

Action-Not Available
Vendor-Dell Inc.
Product-powerprotect_dp_series_appliancedata_domain_operating_systemPowerProtect Data Domain
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-22284
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.6||MEDIUM
EPSS-0.10% / 26.12%
||
7 Day CHG~0.00%
Published-17 Feb, 2026 | 19:46
Updated-26 Feb, 2026 | 22:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-53290
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.4||HIGH
EPSS-0.60% / 69.64%
||
7 Day CHG~0.00%
Published-11 Dec, 2024 | 07:34
Updated-04 Feb, 2025 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Command execution

Action-Not Available
Vendor-Dell Inc.
Product-thinosWyse Proprietary OS (Modern ThinOS)
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-49560
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.30% / 53.69%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 03:17
Updated-15 Nov, 2024 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Softwaresmartfabric_os10
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-49557
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.32% / 55.45%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 03:26
Updated-15 Nov, 2024 | 17:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Softwaresmartfabric_os10
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-48015
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 26.46%
||
7 Day CHG~0.00%
Published-17 Mar, 2025 | 17:16
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-48017
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.5||MEDIUM
EPSS-0.33% / 56.06%
||
7 Day CHG~0.00%
Published-17 Mar, 2025 | 17:23
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-48830
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.23% / 45.27%
||
7 Day CHG~0.00%
Published-17 Mar, 2025 | 16:56
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-42427
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.6||HIGH
EPSS-1.32% / 80.10%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 07:39
Updated-20 Dec, 2024 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-wyse_thinosWyse Proprietary OS (Modern ThinOS)wyse_proprietary_os
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-45104
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-3.11% / 86.99%
||
7 Day CHG~0.00%
Published-10 Feb, 2023 | 21:04
Updated-24 Mar, 2025 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system.

Action-Not Available
Vendor-Dell Inc.
Product-unisphere_for_powermax_virtual_appliancesolutions_enabler_virtual_applianceevasa_provider_virtual_applianceUnisphere for PowerMax vApp
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-39577
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.1||HIGH
EPSS-0.52% / 67.19%
||
7 Day CHG~0.00%
Published-26 Sep, 2024 | 17:06
Updated-25 Nov, 2024 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability leading to code execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Softwaresmartfabric_os10
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-38486
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.79%
||
7 Day CHG~0.00%
Published-06 Sep, 2024 | 04:06
Updated-13 Sep, 2024 | 20:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Softwaresmartfabric_os10
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-25955
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.42% / 62.27%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 19:05
Updated-27 Jan, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-solutions_enabler_virtual_appliancepowermax_eemunisphere_for_powermax_virtual_applianceVirtual Appliance (vApp) Managerunisphere_for_powermax_virtual_appliancesolutions_enabler_virtual_applianceunisphere_for_powermax
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-25946
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.42% / 62.27%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 19:00
Updated-25 Mar, 2025 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-solutions_enabler_virtual_appliancepowermax_eemunisphere_for_powermax_virtual_applianceVirtual Appliance (vApp) Managervirtual_appliance_manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-25951
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8||HIGH
EPSS-0.93% / 76.31%
||
7 Day CHG~0.00%
Published-09 Mar, 2024 | 05:56
Updated-31 Jan, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system.

Action-Not Available
Vendor-Dell Inc.
Product-idrac8Integrated Dell Remote Access Controller 8integrated_dell_remote_access_controller_8
CWE ID-CWE-1288
Improper Validation of Consistency within Input
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-45095
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.25% / 48.50%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 04:45
Updated-27 Mar, 2025 | 13:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-4401
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.43% / 62.40%
||
7 Day CHG~0.00%
Published-05 Oct, 2023 | 17:12
Updated-19 Sep, 2024 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_storage_softwareDell SmartFabric Storage Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-34432
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.47% / 64.69%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 16:40
Updated-19 May, 2025 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders.

Action-Not Available
Vendor-Dell Inc.
Product-hybrid_clientDell Hybrid Client (DHC)
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-34383
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.1||HIGH
EPSS-0.47% / 65.07%
||
7 Day CHG~0.00%
Published-31 Aug, 2022 | 20:05
Updated-16 Sep, 2024 | 23:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-edge_gateway_5200edge_gateway_5200_firmwareEdge Gateway 5200
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-46427
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-0.10% / 26.36%
||
7 Day CHG~0.00%
Published-12 Nov, 2025 | 20:01
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-46365
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-05 Nov, 2025 | 16:40
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink.

Action-Not Available
Vendor-Dell Inc.
Product-cloudlinkCloudLink
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-46428
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-0.10% / 26.32%
||
7 Day CHG~0.00%
Published-12 Nov, 2025 | 19:57
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-26331
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.19% / 41.11%
||
7 Day CHG~0.00%
Published-07 Mar, 2025 | 08:06
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_3420optiplex_3000_thin_clientlatitude_5440wyse_5470_all-in-one_thin_clientoptiplex_7420_all-in-onelatitude_5450latitude_3440optiplex_5400_all-in-oneoptiplex_7410_all-in-onewyse_5070_thin_clientthinoswyse_5470_mobile_thin_clientWyse Proprietary OS (Modern ThinOS)
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-22473
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.92%
||
7 Day CHG~0.00%
Published-17 Mar, 2025 | 17:42
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-22476
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-5.5||MEDIUM
EPSS-0.22% / 44.76%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 16:08
Updated-04 Nov, 2025 | 17:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Remote execution.

Action-Not Available
Vendor-Dell Inc.
Product-storage_managerDell Storage Center - Dell Storage Manager
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-22472
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.92%
||
7 Day CHG~0.00%
Published-17 Mar, 2025 | 17:47
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of commands with elevated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-smartfabric_os10SmartFabric OS10 Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-43589
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.68%
||
7 Day CHG~0.00%
Published-24 Jan, 2022 | 20:10
Updated-17 Sep, 2024 | 00:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the Unity underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.

Action-Not Available
Vendor-Dell Inc.
Product-emc_unity_operating_environmentemc_unityvsa_operating_environmentemc_unity_xt_operating_environmentUnity
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-35791
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.4||MEDIUM
EPSS-0.10% / 27.76%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:39
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.68, R8900 before 1.0.5.2, and R9000 before 1.0.5.2.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7800r8900r9000_firmwarer8900_firmwarer7800_firmwarer9000n/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
  • Previous
  • 1
  • 2
  • Next
Details not found