Dell Alienware Aurora R10 Firmware vulnerabilities

13 known vulnerabilities affecting dell/alienware_aurora_r10_firmware.

Total CVEs
13
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH10MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2024-32859HIGHCVSS 8.2fixed in 2.8.02024-06-13
CVE-2024-32859 [HIGH] CWE-20 CVE-2024-32859: Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally devel Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
nvd
CVE-2024-32858HIGHCVSS 8.2fixed in 2.8.02024-06-13
CVE-2024-32858 [HIGH] CWE-20 CVE-2024-32858: Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally devel Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
nvd
CVE-2024-32856MEDIUMCVSS 6.0fixed in 2.8.02024-06-13
CVE-2024-32856 [MEDIUM] CWE-20 CVE-2024-32856: Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally devel Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
nvd
CVE-2023-32475HIGHCVSS 7.6fixed in 2.6.02024-06-07
CVE-2023-32475 [HIGH] CWE-353 CVE-2023-32475: Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical ac Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.
nvd
CVE-2022-34398HIGHCVSS 7.0fixed in 2.3.22023-02-01
CVE-2022-34398 [HIGH] CWE-367 CVE-2022-34398: Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system.
nvd
CVE-2022-32489HIGHCVSS 7.8fixed in 2.3.12022-10-12
CVE-2022-32489 [HIGH] CWE-20 CVE-2022-32489: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-32491HIGHCVSS 7.8fixed in 2.3.12022-10-12
CVE-2022-32491 [MEDIUM] CWE-119 CVE-2022-32491: Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM.
nvd
CVE-2022-32485HIGHCVSS 7.8fixed in 2.3.12022-10-12
CVE-2022-32485 [HIGH] CWE-20 CVE-2022-32485: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-32488HIGHCVSS 7.8fixed in 2.3.12022-10-12
CVE-2022-32488 [HIGH] CWE-20 CVE-2022-32488: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-32487HIGHCVSS 7.8fixed in 2.3.12022-10-12
CVE-2022-32487 [HIGH] CWE-20 CVE-2022-32487: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-32493HIGHCVSS 7.8fixed in 2.3.12022-10-12
CVE-2022-32493 [MEDIUM] CWE-121 CVE-2022-32493: Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious use Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-32483MEDIUMCVSS 4.4fixed in 2.3.12022-10-12
CVE-2022-32483 [MEDIUM] CWE-20 CVE-2022-32483: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd
CVE-2022-32484MEDIUMCVSS 4.4fixed in 2.3.12022-10-12
CVE-2022-32484 [MEDIUM] CWE-20 CVE-2022-32484: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
nvd