Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Vostro 5401 Firmware Security Vulnerabilities

cve
cve

CVE-2021-21571

Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a denial of service and ...

6.5CVSS

6.8AI Score

0.002EPSS

2021-06-24 05:15 PM
48
8
cve
cve

CVE-2021-21572

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

7.5CVSS

7.7AI Score

0.0004EPSS

2021-06-24 05:15 PM
39
13
cve
cve

CVE-2021-21573

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

7.5CVSS

7.7AI Score

0.001EPSS

2021-06-24 05:15 PM
36
12
cve
cve

CVE-2021-21574

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

7.5CVSS

7.7AI Score

0.001EPSS

2021-06-24 05:15 PM
47
9
cve
cve

CVE-2022-22566

Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

7.2CVSS

7AI Score

0.0004EPSS

2022-02-09 08:15 PM
75
cve
cve

CVE-2022-22567

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.

5.1CVSS

5AI Score

0.0004EPSS

2022-02-09 08:15 PM
72
cve
cve

CVE-2022-26858

Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.

7.8CVSS

7.5AI Score

0.0004EPSS

2022-09-06 09:15 PM
43
3
cve
cve

CVE-2022-26859

Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.

7CVSS

6.6AI Score

0.0004EPSS

2022-09-06 09:15 PM
21
4
cve
cve

CVE-2022-26860

Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.

7.8CVSS

7.9AI Score

0.001EPSS

2022-09-06 09:15 PM
22
3
cve
cve

CVE-2022-26861

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.

7.9CVSS

7.6AI Score

0.0004EPSS

2022-09-06 09:15 PM
26
2
cve
cve

CVE-2022-32482

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

5.6CVSS

5AI Score

0.0004EPSS

2023-02-01 06:15 AM
18
cve
cve

CVE-2023-25936

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 09:15 AM
11
cve
cve

CVE-2023-25937

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
19
cve
cve

CVE-2023-25938

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
21
cve
cve

CVE-2023-28026

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
19
cve
cve

CVE-2023-28027

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
21
cve
cve

CVE-2023-28028

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
11
cve
cve

CVE-2023-28029

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
16
cve
cve

CVE-2023-28030

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
11
cve
cve

CVE-2023-28031

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
20
cve
cve

CVE-2023-28032

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
11
cve
cve

CVE-2023-28033

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
13
cve
cve

CVE-2023-28034

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
27
cve
cve

CVE-2023-28035

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
12
cve
cve

CVE-2023-28036

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
19
cve
cve

CVE-2023-28039

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
14
cve
cve

CVE-2023-28040

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
11
cve
cve

CVE-2023-28041

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
12
cve
cve

CVE-2023-28042

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
13
cve
cve

CVE-2023-28044

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
17
cve
cve

CVE-2023-28050

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
22
cve
cve

CVE-2023-28052

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
17
cve
cve

CVE-2023-28054

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
13
cve
cve

CVE-2023-28056

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
12
cve
cve

CVE-2023-28058

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
21
cve
cve

CVE-2023-28059

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
16
cve
cve

CVE-2023-28060

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 11:15 AM
24
cve
cve

CVE-2023-28061

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.

6.7CVSS

6.2AI Score

0.0004EPSS

2023-06-23 10:15 AM
10
cve
cve

CVE-2023-28063

Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

6.7CVSS

4.5AI Score

0.0004EPSS

2024-02-06 08:15 AM
11