Dell G15 5515 Firmware vulnerabilities

7 known vulnerabilities affecting dell/g15_5515_firmware.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH6LOW1

Vulnerabilities

Page 1 of 1
CVE-2023-32475HIGHCVSS 7.6fixed in 1.15.02024-06-07
CVE-2023-32475 [HIGH] CWE-353 CVE-2023-32475: Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical ac Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.
nvd
CVE-2022-34400HIGHCVSS 7.1fixed in 1.8.02023-02-01
CVE-2022-34400 [HIGH] CWE-122 CVE-2022-34400: Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges cou Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.
nvd
CVE-2022-34403HIGHCVSS 8.8fixed in 1.8.02023-02-01
CVE-2022-34403 [HIGH] CWE-121 CVE-2022-34403: Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker coul Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-34399LOWCVSS 2.3fixed in 1.8.02023-01-18
CVE-2022-34399 [MEDIUM] CWE-805 CVE-2022-34399: Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A maliciou Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM.
nvd
CVE-2022-26862HIGHCVSS 7.8fixed in 1.6.02022-06-23
CVE-2022-26862 [MEDIUM] CWE-20 CVE-2022-26862: Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated maliciou Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
nvd
CVE-2022-26863HIGHCVSS 7.8fixed in 1.6.02022-06-23
CVE-2022-26863 [MEDIUM] CWE-20 CVE-2022-26863: Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated maliciou Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
nvd
CVE-2022-26864HIGHCVSS 7.8fixed in 1.6.02022-06-23
CVE-2022-26864 [MEDIUM] CWE-20 CVE-2022-26864: Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated maliciou Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
nvd