Dell Bios vulnerabilities
6 known vulnerabilities affecting dell/bios.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH5MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-32490HIGHCVSS 7.8v1.82023-01-18
CVE-2022-32490 [HIGH] CWE-20 CVE-2022-32490:
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
cvelistv5nvd
CVE-2022-34393HIGHCVSS 7.5≤ 2.17.02023-01-18
CVE-2022-34393 [HIGH] CWE-20 CVE-2022-34393:
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
cvelistv5nvd
CVE-2022-34460HIGHCVSS 7.8≤ 2.17.02023-01-18
CVE-2022-34460 [HIGH] CWE-20 CVE-2022-34460:
Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated
Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
cvelistv5nvd
CVE-2022-32492HIGHCVSS 8.8fixed in 2.21.0fixed in 2.25.02022-10-11
CVE-2022-32492 [HIGH] CWE-20 CVE-2022-32492: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-32486HIGHCVSS 8.8fixed in 2.21.0fixed in 2.25.02022-10-11
CVE-2022-32486 [HIGH] CWE-20 CVE-2022-32486: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2015-2890MEDIUMCVSS 6.0≤ a20≤ a12+7 more2015-08-01
CVE-2015-2890 [MEDIUM] CVE-2015-2890: The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Work
The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Workstation Client Solutions (CS) devices with model-dependent firmware before A21 does not enforce a BIOS_CNTL locking protection mechanism upon being woken from sleep, which allows local users to conduct EFI flash attacks by leveraging console access, a similar i
nvd