Lucene search

[email protected]NVD:CVE-2021-36283

HistorySep 28, 2021 - 8:15 p.m.

CVE-2021-36283

2021-09-2820:15:07

CWE-20

[email protected]

web.nvd.nist.gov

dell bios

input validation

vulnerability

local user

code execution

smram

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Affected configurations

Nvd

Node

dellchengming_3990_firmwareRange<1.3.1

AND

dellchengming_3990Match-

Node

dellchengming_3991_firmwareRange<1.3.1

AND

dellchengming_3991Match-

Node

dellg3_15_3500_firmwareRange<1.7.1

AND

dellg3_15_3500Match-

Node

dellg3_15_3590_firmwareRange<1.12.0

AND

dellg3_15_3590Match-

Node

dellg3_15_5500_firmwareRange<1.7.1

AND

dellg3_15_5500Match-

Node

dellinspiron_3493_firmwareRange<1.12.0

AND

dellinspiron_3493Match-

Node

dellinspiron_3501_firmwareRange<1.1.0

AND

dellinspiron_3501Match-

Node

dellinspiron_3593_firmwareRange<1.12.0

AND

dellinspiron_3593Match-

Node

dellinspiron_3793_firmwareRange<1.12.0

AND

dellinspiron_3793Match-

Node

dellinspiron_3880_firmwareRange<1.3.1

AND

dellinspiron_3880Match-

Node

dellinspiron_3881_firmwareRange<1.3.1

AND

dellinspiron_3881Match-

Node

dellinspiron_5400_2-in-1_firmwareRange<1.5.0

AND

dellinspiron_5400_2-in-1Match-

Node

dellinspiron_5490_firmwareRange<1.12.0

AND

dellinspiron_5490Match-

Node

dellinspiron_5493_firmwareRange<1.12.0

AND

dellinspiron_5493Match-

Node

dellinspiron_5498_firmwareRange<1.12.0

AND

dellinspiron_5498Match-

Node

dellinspiron_5590_firmwareRange<1.12.0

AND

dellinspiron_5590Match-

Node

dellinspiron_5593_firmwareRange<1.12.0

AND

dellinspiron_5593Match-

Node

dellinspiron_5598_firmwareRange<1.12.0

AND

dellinspiron_5598Match-

Node

dellinspiron_7391_2-in-1_firmwareRange<1.9.1

AND

dellinspiron_7391_2-in-1Match-

Node

dellinspiron_7500_firmwareRange<1.5.1

AND

dellinspiron_7500Match-

Node

dellinspiron_7500_2-in-1_silver_firmwareRange<1.5.0

AND

dellinspiron_7500_2-in-1_silverMatch-

Node

dellinspiron_7501_firmwareRange<1.5.1

AND

dellinspiron_7501Match-

Node

dellinspiron_7590_firmwareRange<1.8.0

AND

dellinspiron_7590Match-

Node

dellinspiron_7591_firmwareRange<1.8.0

AND

dellinspiron_7591Match-

Node

delllatitude_3310Match-

AND

delllatitude_3310_firmwareRange<1.8.3

Node

delllatitude_3310_2-in-1Match-

AND

delllatitude_3310_2-in-1_firmwareRange<1.17.1

Node

delllatitude_5300Match-

AND

delllatitude_5300_firmwareRange<1.12.1

Node

delllatitude_5300_2-in-1Match-

AND

delllatitude_5300_2-in-1_firmwareRange<1.12.1

Node

delllatitude_5310Match-

AND

delllatitude_5310_firmwareRange<1.4.2

Node

delllatitude_5310_2_in_1Match-

AND

delllatitude_5310_2_in_1_firmwareMatch1.4.2

Node

delllatitude_5400Match-

AND

delllatitude_5400_firmwareRange<1.10.1

Node

delllatitude_5401Match-

AND

delllatitude_5401_firmwareRange<1.11.1

Node

delllatitude_5410_firmwareRange<1.4.3

AND

delllatitude_5410Match-

Node

delllatitude_5411_firmwareRange<1.4.3

AND

delllatitude_5411Match-

Node

delllatitude_5500_firmwareRange<1.10.1

AND

delllatitude_5500Match-

Node

delllatitude_5511_firmwareRange<1.4.3

AND

delllatitude_5511Match-

Node

delllatitude_7200_2_in_1_firmwareRange<1.10.1

AND

delllatitude_7200_2_in_1Match-

Node

delllatitude_7210_2_in_1_firmwareRange<1.5.1

AND

delllatitude_7210_2_in_1Match-

Node

delllatitude_7220ex_rugged_extreme_tablet_firmwareRange<1.9.1

AND

delllatitude_7220ex_rugged_extreme_tabletMatch-

Node

delllatitude_7300_firmwareRange<1.11.1

AND

delllatitude_7300Match-

Node

delllatitude_7310_firmwareRange<1.5.1

AND

delllatitude_7310Match-

Node

delllatitude_7400_firmwareRange<1.11.1

AND

delllatitude_7400Match-

Node

delllatitude_7400_2-in-1_firmwareRange<1.10.0

AND

delllatitude_7400_2-in-1Match-

Node

delllatitude_7410_firmwareRange<1.5.1

AND

delllatitude_7410Match-

Node

delllatitude_9410_firmwareRange<1.5.1

AND

delllatitude_9410Match-

Node

delllatitude_9510_firmwareRange<1.4.2

AND

delllatitude_9510Match-

Node

delloptiplex_3080_firmwareRange<1.3.1

AND

delloptiplex_3080Match-

Node

delloptiplex_3280_aio_firmwareRange<1.3.1

AND

delloptiplex_3280_aioMatch-

Node

delloptiplex_5080_firmwareRange<1.3.1

AND

delloptiplex_5080Match-

Node

delloptiplex_5480_aio_firmwareRange<1.4.0

AND

delloptiplex_5480_aioMatch-

Node

delloptiplex_7080_firmwareRange<1.3.10

AND

delloptiplex_7080Match-

Node

delloptiplex_7480_aio_firmwareRange<1.6.2

AND

delloptiplex_7480_aioMatch-

Node

delloptiplex_7780_aio_firmwareRange<1.6.2

AND

delloptiplex_7780_aioMatch-

Node

dellprecision_3440_firmwareRange<1.3.10

AND

dellprecision_3440Match-

Node

dellprecision_3540_firmwareRange<1.10.1

AND

dellprecision_3540Match-

Node

dellprecision_3541_firmwareRange<1.11.1

AND

dellprecision_3541Match-

Node

dellprecision_3550_firmwareRange<1.4.3

AND

dellprecision_3550Match-

Node

dellprecision_3551_firmwareRange<1.4.3

AND

dellprecision_3551Match-

Node

dellprecision_3640_tower_firmwareRange<1.4.3

AND

dellprecision_3640_towerMatch-

Node

dellprecision_5540_firmwareRange<1.9.1

AND

dellprecision_5540Match-

Node

dellprecision_5550_firmwareRange<1.6.1

AND

dellprecision_5550Match-

Node

dellprecision_5750_firmwareRange<1.6.3

AND

dellprecision_5750Match-

Node

dellprecision_7540_firmwareRange<1.11.2

AND

dellprecision_7540Match-

Node

dellprecision_7550_firmwareRange<1.6.2

AND

dellprecision_7550Match-

Node

dellprecision_7740_firmwareRange<1.11.2

AND

dellprecision_7740Match-

Node

dellprecision_7750_firmwareRange<1.6.2

AND

dellprecision_7750Match-

Node

dellvostro_3401_firmwareRange<1.1.0

AND

dellvostro_3401Match-

Node

dellvostro_3491_firmwareRange<1.12.0

AND

dellvostro_3491Match-

Node

dellvostro_3501_firmwareRange<1.1.0

AND

dellvostro_3501Match-

Node

dellvostro_3591_firmwareRange<1.12.0

AND

dellvostro_3591Match-

Node

dellvostro_3681_firmwareRange<1.3.1

AND

dellvostro_3681Match-

Node

dellvostro_3881_firmwareRange<1.3.1

AND

dellvostro_3881Match-

Node

dellvostro_3888_firmwareRange<1.3.1

AND

dellvostro_3888Match-

Node

dellvostro_5490_firmwareRange<1.12.0

AND

dellvostro_5490Match-

Node

dellvostro_5590_firmwareRange<1.12.0

AND

dellvostro_5590Match-

Node

dellvostro_7500_firmwareRange<1.5.1

AND

dellvostro_7500Match-

Node

dellvostro_7590_firmwareRange<1.8.0

AND

dellvostro_7590Match-

Node

dellwyse_5470_firmwareRange<1.6.0

AND

dellwyse_5470Match-

Node

dellxps_13_9300_firmwareRange<1.4.1

AND

dellxps_13_9300Match-

Node

dellxps_13_9380_firmwareRange<1.12.0

AND

dellxps_13_9380Match-

Node

dellxps_17_9700_firmwareRange<1.6.3

AND

dellxps_17_9700Match-

Node

dellxps_7380_firmwareRange<1.7.0

AND

dellxps_7380Match-

Node

dellxps_7590_firmwareRange<1.9.1

AND

dellxps_7590Match-

Node

dellxps_7390_2-in-1_firmwareRange<1.7.1

AND

dellxps_7390_2-in-1

Node

dellxps_9500_firmwareRange<1.6.1

AND

dellxps_9500

VendorProductVersionCPE
dellchengming_3990_firmware*cpe:2.3:o:dell:chengming_3990_firmware:*:*:*:*:*:*:*:*
dellchengming_3990-cpe:2.3:h:dell:chengming_3990:-:*:*:*:*:*:*:*
dellchengming_3991_firmware*cpe:2.3:o:dell:chengming_3991_firmware:*:*:*:*:*:*:*:*
dellchengming_3991-cpe:2.3:h:dell:chengming_3991:-:*:*:*:*:*:*:*
dellg3_15_3500_firmware*cpe:2.3:o:dell:g3_15_3500_firmware:*:*:*:*:*:*:*:*
dellg3_15_3500-cpe:2.3:h:dell:g3_15_3500:-:*:*:*:*:*:*:*
dellg3_15_3590_firmware*cpe:2.3:o:dell:g3_15_3590_firmware:*:*:*:*:*:*:*:*
dellg3_15_3590-cpe:2.3:h:dell:g3_15_3590:-:*:*:*:*:*:*:*
dellg3_15_5500_firmware*cpe:2.3:o:dell:g3_15_5500_firmware:*:*:*:*:*:*:*:*
dellg3_15_5500-cpe:2.3:h:dell:g3_15_5500:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dell	chengming_3990_firmware	*	cpe:2.3:o:dell:chengming_3990_firmware::::::::
dell	chengming_3990	-	cpe:2.3:h:dell:chengming_3990:-:::::::*
dell	chengming_3991_firmware	*	cpe:2.3:o:dell:chengming_3991_firmware::::::::
dell	chengming_3991	-	cpe:2.3:h:dell:chengming_3991:-:::::::*
dell	g3_15_3500_firmware	*	cpe:2.3:o:dell:g3_15_3500_firmware::::::::
dell	g3_15_3500	-	cpe:2.3:h:dell:g3_15_3500:-:::::::*
dell	g3_15_3590_firmware	*	cpe:2.3:o:dell:g3_15_3590_firmware::::::::
dell	g3_15_3590	-	cpe:2.3:h:dell:g3_15_3590:-:::::::*
dell	g3_15_5500_firmware	*	cpe:2.3:o:dell:g3_15_5500_firmware::::::::
dell	g3_15_5500	-	cpe:2.3:h:dell:g3_15_5500:-:::::::*

Rows per page:

1-10 of 1701

References

www.dell.com/support/kbdoc/000191495/

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2021-36283

prion1 cvelist1 cve1