Dell Cpg Bios vulnerabilities
110 known vulnerabilities affecting dell/cpg_bios.
Total CVEs: 110
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 35, MEDIUM 70, LOW 5
Vulnerabilities
Page 6 of 6
CVE-2020-26186 | MEDIUM | CVSS 6.8 | CWE-642 | ≥ unspecified, < 1.4.1 | 2021-01-08
Dell Inspiron 5675 BIOS versions prior to 1.4.1 contain a UEFI BIOS RuntimeServices overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the RuntimeServices structure to execute arbitrary code in System Management Mode (SMM).
cvelistv5, nvd
CVE-2020-5361 | HIGH | CVSS 7.6 | CWE-640 | ≥ unspecified, < All | 2021-01-04
Select Dell Client Commercial and Consumer platforms support a BIOS password reset capability that is designed to assist authorized customers who forget their passwords. Dell is aware of unauthorized password generation tools that can generate BIOS recovery passwords. The tools, which are not authorized by Dell, can be used by a physically present attac
cvelistv5, nvd
CVE-2020-5388 | MEDIUM | CVSS 6.9 | CWE-119 | ≥ unspecified, < 1.31.0 | 2020-11-10
Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0 contain an Improper SMM communication buffer verification vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
cvelistv5, nvd
CVE-2020-5387 | MEDIUM | CVSS 4.4 | CWE-755 | ≥ unspecified, < 1.13.1 | 2020-10-01
Dell XPS 13 9370 BIOS versions prior to 1.13.1 contain an Improper Exception Handling vulnerability. A local attacker with physical access could exploit this vulnerability to prevent the system from booting until the exploited boot device is removed.
cvelistv5, nvd
CVE-2020-5378 | MEDIUM | CVSS 6.8 | CWE-416 | ≥ unspecified, < 1.13.0 | 2020-09-02
Dell G7 17 7790 BIOS versions prior to 1.13.2 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM).
cvelistv5, nvd
CVE-2020-5376 | MEDIUM | CVSS 6.8 | CWE-416 | ≥ unspecified, < A13 | 2020-09-02
Dell Inspiron 7347 BIOS versions prior to A13 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM).
cvelistv5, nvd
CVE-2020-5379 | MEDIUM | CVSS 6.8 | CWE-693 | ≥ unspecified, < A12 | 2020-09-02
Dell Inspiron 7352 BIOS versions prior to A12 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM).
cvelistv5, nvd
CVE-2020-5357 | MEDIUM | CVSS 6.0 | CWE-427 | ≥ unspecified, < 1.0.8 | 2020-05-28
Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged maliciou
cvelistv5, nvd
CVE-2020-5348 | HIGH | CVSS 7.8 | CWE-416 | ≥ unspecified, < A28 | 2020-04-04
Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode. A local unauthenticated attacker may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in system management mode.
cvelistv5, nvd
CVE-2019-18579 | MEDIUM | CVSS 6.8 | CWE-16 | ≥ unspecified, < 1.1.3 | 2019-12-16
Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for the "Enable Thunderbolt (and PCIe behind TBT) pre-boot modules" setting is enabled by default. A local unauthenticated attacker with physical access to a user's system can obtain read or write access to main memory
cvelistv5, nvd