Dell Latitude 12 Rugged Extreme 7214 Firmware vulnerabilities

CVE-2025-36600 [HIGH] CWE-1257 CVE-2025-36600: Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

CVE-2024-52541 [HIGH] CWE-1390 CVE-2024-52541: Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged attacker w Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

CVE-2024-38483 [MEDIUM] CWE-20 CVE-2024-38483: Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

CVE-2024-0158 [MEDIUM] CWE-20 CVE-2024-0158: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges

CVE-2024-22429 [HIGH] CWE-20 CVE-2024-22429: Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.

CVE-2023-25938 [MEDIUM] CWE-20 CVE-2023-25938: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28039 [MEDIUM] CWE-20 CVE-2023-28039: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28050 [MEDIUM] CWE-20 CVE-2023-28050: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28042 [MEDIUM] CWE-20 CVE-2023-28042: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28061 [MEDIUM] CWE-20 CVE-2023-28061: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28028 [MEDIUM] CWE-20 CVE-2023-28028: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28030 [MEDIUM] CWE-20 CVE-2023-28030: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28027 [MEDIUM] CWE-20 CVE-2023-28027: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-25936 [MEDIUM] CWE-20 CVE-2023-25936: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28054 [MEDIUM] CWE-20 CVE-2023-28054: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28041 [MEDIUM] CWE-20 CVE-2023-28041: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28036 [MEDIUM] CWE-20 CVE-2023-28036: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28060 [MEDIUM] CWE-20 CVE-2023-28060: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28032 [MEDIUM] CWE-20 CVE-2023-28032: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

CVE-2023-28052 [MEDIUM] CWE-20 CVE-2023-28052: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.