Lucene search
+L
DellEmbedded Box Pc 5000 Firmware

59 matches found

CVE
CVE
added 2025/02/19 4:46 p.m.185 views

CVE-2024-52541

CVE-2024-52541 affects Dell Client Platform BIOS. The vulnerability is a weak authentication flaw that could allow a high-privilege attacker with local access to achieve Elevation of Privileges. The connected sources confirm the issue but do not provide public exploit details or concrete remediat...

8.2CVSS7.9AI score0.00156EPSS
CVE
CVE
added 2022/03/11 9:45 p.m.123 views

CVE-2022-24416

CVE-2022-24416 affects Dell BIOS firmware; the vulnerability arises from improper input validation in the BIOS SMM path, allowing a local authenticated attacker to trigger an SMI and gain arbitrary code execution in SMM. Affected Dell BIOS components and models include multiple Dell lines; remedi...

8.2CVSS7.8AI score0.00281EPSS
CVE
CVE
added 2022/03/11 9:45 p.m.120 views

CVE-2022-24420

Dell BIOS CVE-2022-24420 involves an improper input validation vulnerability that allows a local authenticated attacker to execute arbitrary code in the System Management Mode (SMM) using an SMI. Affected Dell products include several Dell BIOS-bearing systems (e.g., Inspiron, Vostro, XPS, Alienw...

8.2CVSS7.8AI score0.00281EPSS
CVE
CVE
added 2022/01/24 8:10 p.m.116 views

CVE-2021-36343

CVE-2021-36343 affects Dell BIOS and is caused by improper input validation in the BIOS, enabling a locally authenticated attacker to use a System Management Interrupt (SMI) to gain arbitrary code execution in SMRAM. Public sources describe the vulnerability as a locally exploitable issue that ca...

7.5CVSS6.8AI score0.00241EPSS
CVE
CVE
added 2022/03/11 9:45 p.m.115 views

CVE-2022-24419

Dell BIOS contains an improper input validation vulnerability that can be exploited locally by an authenticated attacker using an SMI to gain arbitrary code execution in System Management Mode (SMM). Affected are Dell BIOS firmware components across several systems (e.g., Inspiron, Vostro, XPS, A...

8.2CVSS7.8AI score0.00281EPSS
CVE
CVE
added 2022/03/11 9:45 p.m.115 views

CVE-2022-24421

Dell BIOS contains an improper input validation vulnerability that allows a local authenticated attacker to trigger arbitrary code execution in System Management Mode (SMM) via an SMI. Affected Dell products include Inspiron, Vostro, XPS, Alienware, and Edge Gateway 3000 Series. The root cause is...

8.2CVSS7.8AI score0.00281EPSS
CVE
CVE
added 2020/02/21 2:50 p.m.113 views

CVE-2020-5326

Dell Client platforms are affected by a BIOS Setup authentication bypass in the pre-boot iRST Manager menu. The issue allows an attacker with physical access to change BIOS Setup configuration by selecting Optimized Defaults without entering the BIOS Admin password. Root cause and affected compon...

6.1CVSS5.3AI score0.00349EPSS
CVE
CVE
added 2022/09/06 8:15 p.m.104 views

CVE-2022-26858

Dell BIOS CVE-2022-26858 is an Improper Authentication vulnerability affecting Dell BIOS versions. A locally authenticated user can potentially bypass security controls by sending malicious input to an SMI. The issue is commonly discussed alongside related BIOS vulnerabilities (DSA-2022-224) and ...

7.8CVSS7.5AI score0.00165EPSS
CVE
CVE
added 2022/03/11 9:45 p.m.98 views

CVE-2022-24415

Dell BIOS contains an improper input validation vulnerability that can be exploited by a local authenticated attacker using an SMI to gain arbitrary code execution during System Management Mode (SMM). Several sources describe this family of flaws (CVE-2022-24415) as affecting Dell BIOS across mul...

8.2CVSS7.8AI score0.00281EPSS
CVE
CVE
added 2020/06/10 8:40 p.m.96 views

CVE-2020-5362

CVE-2020-5362 affects Dell Client Client Consumer and Commercial platforms, where an improper authorization in the Dell Manageability interface allows an attacker with local OS administrator privileges to bypass BIOS Administrator authentication and restore BIOS Setup to default values. The NVD e...

7.1CVSS4.8AI score0.00291EPSS
CVE
CVE
added 2023/02/01 5:28 a.m.92 views

CVE-2022-34398

Dell BIOS is affected by a Time-of-check Time-of-use (TOCTTOU) vulnerability. A local authenticated user could exploit a specifically timed DMA transaction during an SMI to gain arbitrary code execution. The documents do not provide a specific patched version or remediation details; monitor for u...

7.5CVSS7.1AI score0.0016EPSS
CVE
CVE
added 2021/11/12 10:15 p.m.89 views

CVE-2021-36325

CVE-2021-36325 affects Dell BIOS embedded firmware. A Dell BIOS input-validation error allows a local authenticated attacker to use an SMI to execute arbitrary code in SMRAM. Reported impact includes high confidentiality, integrity, and availability concerns; exploitation details are not provided...

7.5CVSS6.9AI score0.00233EPSS
CVE
CVE
added 2023/08/16 7:15 p.m.89 views

CVE-2023-28075

Dell BIOS TOCTOU vulnerability (CVE-2023-28075) allows a locally authenticated user with physical access to trigger a specifically timed DMA operation during an SMI to gain arbitrary code execution. Affected component is the Dell BIOS; root cause is a Time‑of‑check Time‑of‑use flaw enabling TOCTO...

6.9CVSS6.5AI score0.00166EPSS
CVE
CVE
added 2022/10/12 7:25 p.m.86 views

CVE-2022-32483

CVE-2022-32483 : Dell BIOS contains an improper input validation vulnerability that allows a local, authenticated attacker with admin privileges to modify a UEFI variable. Several sources corroborate that exploitation requires access to the System Management Interface (SMI) to act within SMRAM, e...

5.6CVSS4.5AI score0.00163EPSS
CVE
CVE
added 2024/08/14 9:24 a.m.78 views

CVE-2024-38483

CVE-2024-38483 describes an Improper Input Validation vulnerability in Dell BIOS, located in an externally developed component. A high-privilege attacker with local access could potentially achieve code execution. Connected sources specify affected Dell BIOS versions prior to 1.26.0, prior to 1.3...

6.7CVSS5.5AI score0.00151EPSS
CVE
CVE
added 2019/08/05 4:38 p.m.76 views

CVE-2019-3717

CVE-2019-3717 affects Dell Client Commercial and Consumer platforms. The vulnerability is an improper access control that could allow an unauthenticated attacker with physical access to bypass Secure Boot and run unsigned/untrusted code on expansion cards during platform boot. Impact concerns: co...

7.2CVSS6.6AI score0.00362EPSS
CVE
CVE
added 2022/10/12 7:25 p.m.76 views

CVE-2022-32489

CVE-2022-32489 affects Dell BIOS. The vulnerability arises from improper input validation, enabling a local authenticated attacker to use an SMI to execute arbitrary code in SMRAM. Impact is high (confidentiality, integrity, and availability) per multiple sources. Exploitation requires access to ...

8.2CVSS7.8AI score0.00229EPSS
CVE
CVE
added 2022/09/06 8:15 p.m.75 views

CVE-2022-26859

CVE-2022-26859 describes a race condition in Dell BIOS that can be triggered by a local attacker sending malicious input via System Management Interrupt (SMI) to bypass security checks during System Management Mode (SMM). The vulnerability affects Dell BIOS and enables potential interception or c...

7CVSS6.6AI score0.00129EPSS
CVE
CVE
added 2023/02/10 10:34 a.m.74 views

CVE-2022-24410

CVE-2022-24410 affects Dell BIOS, where an unauthenticated local attacker with physical access could read system information via debug interfaces. The root cause is an information exposure through BIOS debug interfaces, enabling access to sensitive data. Documents consistently describe Dell BIOS ...

6.8CVSS4.2AI score0.00169EPSS
CVE
CVE
added 2022/10/12 7:25 p.m.74 views

CVE-2022-32485

The CVE-2022-32485 entry refers to a Dell BIOS vulnerability caused by improper input validation. A local authenticated attacker could use a System Management Interrupt (SMI) to execute arbitrary code in SMRAM. Documents consistently identify Dell BIOS as the affected component and SMRAM as the t...

7.8CVSS7.8AI score0.00204EPSS
CVE
CVE
added 2023/06/23 10:1 a.m.74 views

CVE-2023-28036

Dell BIOS contains an improper input validation vulnerability that can be exploited by a local authenticated attacker with administrator privileges to modify a UEFI variable. Affected: Dell BIOS on Dell systems. Root cause: improper input validation. Impact: potential modification of UEFI variabl...

6.7CVSS6.2AI score0.0017EPSS
CVE
CVE
added 2022/10/12 7:25 p.m.73 views

CVE-2022-32487

Dell BIOS contains an input validation weakness that can be triggered by a local, authenticated attacker using an SMI to execute code in SMRAM. Public sources consistently describe the vulnerability as affecting Dell BIOS embedded firmware and enabling arbitrary code execution when an SMI is used...

7.8CVSS7.8AI score0.00204EPSS
CVE
CVE
added 2023/06/23 10:25 a.m.72 views

CVE-2023-28050

The vulnerability CVE-2023-28050 affects Dell BIOS (embedded firmware) where improper input validation could allow a local authenticated attacker with administrator privileges to modify a UEFI variable. Root cause: faulty input validation in Dell BIOS code. Impact: potential integrity/availabilit...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2022/10/12 7:25 p.m.71 views

CVE-2022-32493

CVE-2022-32493: Dell BIOS contains a stack-based buffer overflow that can be exploited by a local, authenticated attacker using an SMI to execute code in SMRAM. This affects Dell BIOS (embedded firmware on motherboard memory) and results in arbitrary code execution with high impact on confidentia...

7.8CVSS7.9AI score0.00181EPSS
CVE
CVE
added 2024/07/02 6:20 a.m.70 views

CVE-2024-0158

CVE-2024-0158 relates to Dell BIOS, where an improper input validation flaw could let a locally authenticated administrator modify a UEFI variable, causing denial of service and privilege escalation. Affected software is the Dell BIOS (details on exact versions are not consistently specified acro...

6.7CVSS7.1AI score0.00147EPSS
CVE
CVE
added 2024/05/17 3:20 p.m.70 views

CVE-2024-22429

CVE-2024-22429 affects Dell BIOS with an Improper Input Validation vulnerability. A locally authenticated user with admin privileges could exploit the flaw to achieve arbitrary code execution on the host, per the provided descriptions. The root cause is described as input validation errors within...

7.5CVSS7.2AI score0.00209EPSS
CVE
CVE
added 2021/11/12 10:15 p.m.69 views

CVE-2021-36323

Dell BIOS contains an input validation vulnerability that can allow a local authenticated attacker to gain arbitrary code execution in SMRAM by abusing System Management Interrupts (SMI). Affected component is Dell BIOS (embedded firmware on a Dell motherboard memory chip). The root cause is impr...

7.5CVSS6.8AI score0.00233EPSS
CVE
CVE
added 2023/06/23 10:17 a.m.69 views

CVE-2023-28060

Dell BIOS contains an improper input validation vulnerability (CVE-2023-28060). A local authenticated attacker with administrator privileges may exploit this to modify a UEFI variable. Affected component is BIOS firmware; root cause is input validation failure. Impact is elevation/modification of...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2022/01/24 8:10 p.m.68 views

CVE-2021-36342

CVE-2021-36342 affects Dell BIOS. A locally authenticated attacker can exploit an improper input validation via a System Management Interrupt (SMI) to achieve arbitrary code execution in SMRAM. Impact is local and persistent within the BIOS/SMRAM context; exploitation details are described as SMI...

7.5CVSS6.8AI score0.00251EPSS
CVE
CVE
added 2023/06/23 10:8 a.m.68 views

CVE-2023-28034

Dell BIOS contains an improper input validation vulnerability that could allow a local authenticated attacker with administrator privileges to modify a UEFI variable. Affected component is the Dell BIOS/Uefi interface on Dell systems. Root cause: improper input validation in the BIOS that handles...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2022/10/12 7:25 p.m.66 views

CVE-2022-32488

Dell BIOS contains an improper input validation vulnerability (CVE-2022-32488). A local authenticated attacker could use an SMI to gain arbitrary code execution in SMRAM, with high impact on confidentiality/integrity/availability. Affected component is the BIOS firmware on Dell systems; exploitat...

8.2CVSS7.8AI score0.00229EPSS
CVE
CVE
added 2023/06/23 10:30 a.m.66 views

CVE-2023-28058

CVE-2023-28058 describes an improper input validation vulnerability in Dell BIOS. A local authenticated attacker with administrator privileges may exploit this to modify a UEFI variable. Affected component: Dell BIOS; root cause: input validation flaw in BIOS handling of UEFI variables. Impacts r...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2022/09/06 8:15 p.m.64 views

CVE-2022-26860

CVE-2022-26860 describes a stack-based buffer overflow in Dell BIOS. A local attacker can trigger it via System Management Interrupt (SMI), bypass security checks, and achieve arbitrary code execution in System Management Mode (SMM). Affected: Dell BIOS versions; vulnerability is local with low a...

7.8CVSS7.9AI score0.00181EPSS
CVE
CVE
added 2022/09/06 8:15 p.m.64 views

CVE-2022-26861

Dell BIOS firmware contains an Insecure Automated Optimization vulnerability (CVE-2022-26861) that allows a locally authenticated attacker to trigger arbitrary code execution during System Management Mode (SMM) by sending malicious input via SMI. The issue is tied to the BIOS/SMM trust boundary, ...

7.9CVSS7.6AI score0.00211EPSS
CVE
CVE
added 2023/06/23 10:11 a.m.64 views

CVE-2023-28031

Dell BIOS contains an improper input validation vulnerability that could allow a local authenticated administrator to modify a UEFI variable. Affected component is Dell BIOS (embedded firmware on Dell systems); root cause is input validation failure when handling UEFI variables. The vulnerability...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2022/10/12 7:25 p.m.62 views

CVE-2022-32491

Dell Client BIOS contains a buffer overflow vulnerability that can be triggered by a locally authenticated user manipulating an SMI to cause an arbitrary write in SMRAM during SMM. Affected: Dell Client BIOS. Root cause: buffer overflow in BIOS. Impact: high confidentiality, integrity, and availa...

7.8CVSS7.4AI score0.00155EPSS
CVE
CVE
added 2023/06/23 10:13 a.m.62 views

CVE-2023-25938

CVE-2023-25938 describes an improper input validation vulnerability in Dell BIOS that can allow a local, authenticated attacker with administrator privileges to modify a UEFI variable. The issue is tied to the BIOS/firmware handling of input and does not include explicit exploit details in the pr...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2023/06/23 9:37 a.m.59 views

CVE-2023-28033

CVSS context and impact : CVE-2023-28033 affects Dell BIOS (UEFI support code) through an improper input validation vulnerability. A local authenticated user with administrator privileges can potentially exploit this to modify a UEFI variable (impact: confidentiality, integrity, availability rate...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2021/11/12 10:15 p.m.58 views

CVE-2021-36324

CVE-2021-36324 affects Dell BIOS. The issue is an improper input validation in Dell BIOS, enabling a local authenticated attacker to use an SMI to execute arbitrary code in SMRAM. Impact is described as high (confidentiality, integrity, and availability affected) with local attack vector and high...

7.5CVSS6.8AI score0.00233EPSS
CVE
CVE
added 2023/06/23 9:40 a.m.58 views

CVE-2023-25937

Dell BIOS contains an improper input validation vulnerability that could allow a local, authenticated administrator to modify a UEFI variable. The CVE-2023-25937 entry is supported by multiple sources (NVD, CVE list, CNNVD, PRION, etc.). Reported impact includes potential changes to UEFI state wi...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2023/06/23 9:51 a.m.58 views

CVE-2023-28039

Dell BIOS contains an improper input validation vulnerability that could allow a local authenticated user with administrator privileges to modify a UEFI variable. The issue affects Dell BIOS firmware and is described across multiple sources (e.g., Dell KB article DSA-2023-099). No exploitation de...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2022/10/12 7:25 p.m.57 views

CVE-2022-32484

Dell BIOS firmware contains an input validation error that can be exploited by a locally authenticated administrator to modify UEFI variables. The issue is documented as CVE-2022-32484 and is supported by multiple sources (Dell KB, NCSC advisory) noting local access via an admin user and the risk...

5.6CVSS4.5AI score0.00163EPSS
CVE
CVE
added 2023/06/23 10:23 a.m.57 views

CVE-2023-28026

CVE-2023-28026 affects Dell BIOS and stems from improper input validation. A local authenticated attacker with administrator privileges could potentially modify a UEFI variable via this vulnerability. Documents indicate Dell released a BIOS security update addressing multiple improper input valid...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2023/06/23 10:4 a.m.57 views

CVE-2023-28027

Dell BIOS on Dell systems contains an improper input validation vulnerability that enables a local authenticated administrator to modify a UEFI variable. The root cause is insufficient validation in the BIOS input handling, allowing manipulation of UEFI state. The impact, as stated, includes pote...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2023/06/23 9:16 a.m.57 views

CVE-2023-28059

Dell BIOS contains an improper input validation vulnerability that can allow a local authenticated administrator to modify a UEFI variable. Affected component: Dell BIOS (embedded BIOS on Dell motherboards). Root cause: improper input validation. Impact: potential unauthorized modification of UEF...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2023/06/23 9:12 a.m.56 views

CVE-2023-28029

CVE-2023-28029 is tied to Dell BIOS and is described as an improper input-validation vulnerability that permits a local authenticated attacker with administrator privileges to modify a UEFI variable. The affected component is Dell BIOS firmware on Dell systems; root cause centers on input validat...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2023/06/23 9:56 a.m.55 views

CVE-2023-28028

Dell BIOS contains an improper input validation vulnerability (CVE-2023-28028). A local authenticated attacker with administrator privileges can potentially exploit this to modify a UEFI variable. Connected sources indicate affected firmware and that Dell issued a security update (DSA-2023-099) a...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2023/06/23 10:20 a.m.55 views

CVE-2023-28044

Dell BIOS has an improper input-validation vulnerability. A local authenticated attacker with administrator privileges can potentially modify a UEFI variable due to the fault in input validation. Affected component is Dell BIOS firmware on Dell systems; the root cause is input validation failure....

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2023/06/23 9:2 a.m.54 views

CVE-2023-28052

CVE-2023-28052 describes an improper input validation vulnerability in Dell BIOS. A local authenticated attacker with administrator privileges can potentially modify a UEFI variable, impacting system integrity and availability. The affected component is Dell BIOS (UEFI/firmware) with root cause s...

6.7CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2023/06/23 9:34 a.m.52 views

CVE-2023-28035

Dell BIOS contains an improper input validation vulnerability that could allow a local authenticated administrator to modify a UEFI variable. Affected: Dell BIOS. Root cause: improper input validation. Impact: potential confidentiality, integrity, and limited availability effects per CVSS; local,...

6.7CVSS6.2AI score0.00168EPSS
Total number of security vulnerabilities59