Dell Inspiron 3275 Firmware vulnerabilities

7 known vulnerabilities affecting dell/inspiron_3275_firmware.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH7

Vulnerabilities

Page 1 of 1
CVE-2022-34400HIGHCVSS 7.1fixed in 1.9.22023-02-01
CVE-2022-34400 [HIGH] CWE-122 CVE-2022-34400: Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges cou Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.
nvd
CVE-2022-34403HIGHCVSS 8.8fixed in 1.9.22023-02-01
CVE-2022-34403 [HIGH] CWE-121 CVE-2022-34403: Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker coul Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-34393HIGHCVSS 7.5fixed in 1.9.12023-01-18
CVE-2022-34393 [HIGH] CWE-20 CVE-2022-34393: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-34460HIGHCVSS 7.8fixed in 1.9.12023-01-18
CVE-2022-34460 [HIGH] CWE-20 CVE-2022-34460: Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2022-26862HIGHCVSS 7.8fixed in 1.9.02022-06-23
CVE-2022-26862 [HIGH] CWE-20 CVE-2022-26862: Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated maliciou Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
nvd
CVE-2022-26863HIGHCVSS 7.8fixed in 1.9.02022-06-23
CVE-2022-26863 [HIGH] CWE-20 CVE-2022-26863: Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated maliciou Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
nvd
CVE-2022-26864HIGHCVSS 7.8fixed in 1.9.02022-06-23
CVE-2022-26864 [HIGH] CWE-20 CVE-2022-26864: Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated maliciou Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.
nvd