Dell Vostro 3267 Firmware vulnerabilities

52 known vulnerabilities affecting dell/vostro_3267_firmware.

Total CVEs
52
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH16MEDIUM36

Vulnerabilities

Page 3 of 3
CVE-2022-24416HIGHCVSS 7.8fixed in 1.20.02022-03-11
CVE-2022-24416 [HIGH] CWE-119 CVE-2022-24416: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
nvd
CVE-2022-24420HIGHCVSS 7.8fixed in 1.20.02022-03-11
CVE-2022-24420 [HIGH] CWE-119 CVE-2022-24420: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
nvd
CVE-2022-24421HIGHCVSS 7.8fixed in 1.20.02022-03-11
CVE-2022-24421 [HIGH] CWE-119 CVE-2022-24421: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
nvd
CVE-2022-24419HIGHCVSS 7.8fixed in 1.20.02022-03-11
CVE-2022-24419 [HIGH] CWE-119 CVE-2022-24419: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
nvd
CVE-2022-24415HIGHCVSS 7.8fixed in 1.20.02022-03-11
CVE-2022-24415 [HIGH] CWE-119 CVE-2022-24415: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
nvd
CVE-2021-36342MEDIUMCVSS 6.4fixed in 1.18.02022-01-24
CVE-2021-36342 [MEDIUM] CWE-119 CVE-2021-36342: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2021-36343MEDIUMCVSS 6.4fixed in 1.18.02022-01-24
CVE-2021-36343 [MEDIUM] CWE-119 CVE-2021-36343: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2021-36325MEDIUMCVSS 6.7fixed in 1.17.12021-11-12
CVE-2021-36325 [MEDIUM] CWE-20 CVE-2021-36325: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2021-36323MEDIUMCVSS 6.7fixed in 1.17.12021-11-12
CVE-2021-36323 [MEDIUM] CWE-20 CVE-2021-36323: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2021-36324MEDIUMCVSS 6.7fixed in 1.17.12021-11-12
CVE-2021-36324 [MEDIUM] CWE-20 CVE-2021-36324: Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
nvd
CVE-2020-5362MEDIUMCVSS 4.4fixed in 1.14.02020-06-10
CVE-2020-5362 [MEDIUM] CWE-285 CVE-2020-5362: Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.
nvd
CVE-2019-3717MEDIUMCVSS 6.8fixed in 1.11.12019-08-05
CVE-2019-3717 [MEDIUM] CVE-2019-3717: Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An un Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An unauthenticated attacker with physical access to the system could potentially bypass intended Secure Boot restrictions to run unsigned and untrusted code on expansion cards installed in the system during platform boot. Refer to https://www.dell.com/support/articl
nvd
← Previous3 / 3