Dell Inspiron 3185 Firmware vulnerabilities

7 known vulnerabilities affecting dell/inspiron_3185_firmware.

Total CVEs

7

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH5MEDIUM2

Vulnerabilities

Page 1 of 1

CVE-2022-34393HIGHCVSS 7.5fixed in 1.5.02023-01-18

CVE-2022-34393 [HIGH] CWE-20 CVE-2022-34393: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

CVE-2022-34460HIGHCVSS 7.8fixed in 1.5.02023-01-18

CVE-2022-34460 [HIGH] CWE-20 CVE-2022-34460: Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

CVE-2022-26862HIGHCVSS 7.8fixed in 1.4.42022-06-23

CVE-2022-26862 [HIGH] CWE-20 CVE-2022-26862: Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated maliciou Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

CVE-2022-26863HIGHCVSS 7.8fixed in 1.4.42022-06-23

CVE-2022-26863 [HIGH] CWE-20 CVE-2022-26863: Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated maliciou Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

CVE-2022-26864HIGHCVSS 7.8fixed in 1.4.42022-06-23

CVE-2022-26864 [HIGH] CWE-20 CVE-2022-26864: Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated maliciou Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

CVE-2022-24417MEDIUMCVSS 6.7fixed in 1.4.42022-05-26

CVE-2022-24417 [MEDIUM] CWE-20 CVE-2022-24417: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

CVE-2022-24418MEDIUMCVSS 6.7fixed in 1.4.42022-05-26

CVE-2022-24418 [MEDIUM] CWE-20 CVE-2022-24418: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.