Bios Security Vulnerabilities and Issues — Bios CVE List

cve

CVE-2015-2890

The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Workstation Client Solutions (CS) devices with model-dependent firmware before A21 does not enforce a BIOS_CNTL locking protection mechanism upon being woken from sleep, which allows local users to condu...

6CVSS

5.8AI Score

0.0004EPSS

2015-08-01 01:59 AM

22

cve

CVE-2022-32486

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

8.8CVSS

8.8AI Score

0.0004EPSS

2022-10-11 05:15 PM

31

3

cve

CVE-2022-32490

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-01-18 06:15 AM

21

cve

CVE-2022-32492

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

8.8CVSS

8.7AI Score

0.0004EPSS

2022-10-11 05:15 PM

36

2

cve

CVE-2022-34393

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

7.5CVSS

7.7AI Score

0.0004EPSS

2023-01-18 06:15 AM

18

cve

CVE-2022-34460

Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-01-18 06:15 AM

21