Optiplex 7780 All-in-one Firmware Security Vulnerabilities and Issues — Optiplex 7780 All-in-one Firmware CVE List

Lucene search

DellOptiplex 7780 All-in-one Firmware

46 matches found

CVE•added 2024/02/06 8:15 a.m.•252 views

CVE-2023-28063

Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

6.7CVSS4.5AI score0.00013EPSS

CVE•added 2022/01/24 8:15 p.m.•99 views

CVE-2021-36343

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

7.5CVSS6.8AI score0.0004EPSS

CVE•added 2022/02/09 8:15 p.m.•98 views

CVE-2022-22566

Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

7.2CVSS7AI score0.00042EPSS

CVE•added 2022/02/09 8:15 p.m.•97 views

CVE-2022-22567

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.

5.1CVSS5AI score0.00022EPSS

CVE•added 2024/03/01 1:15 p.m.•95 views

CVE-2023-48674

Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function.

6.8CVSS6.4AI score0.00126EPSS

CVE•added 2022/09/06 9:15 p.m.•83 views

CVE-2022-26858

Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.

7.8CVSS7.5AI score0.0001EPSS

CVE•added 2021/06/24 5:15 p.m.•77 views

CVE-2021-21571

Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a denial of service and ...

6.5CVSS6.8AI score0.00471EPSS

CVE•added 2021/06/24 5:15 p.m.•73 views

CVE-2021-21574

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions.

7.5CVSS7.7AI score0.00089EPSS

CVE•added 2023/02/01 6:15 a.m.•68 views

CVE-2022-34398

Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system.

7.5CVSS7.1AI score0.00038EPSS

CVE•added 2023/08/16 8:15 p.m.•68 views

CVE-2023-28075

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the syst...

6.9CVSS6.5AI score0.00032EPSS

CVE•added 2024/04/10 8:15 a.m.•63 views

CVE-2024-22448

Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.

4.7CVSS6.4AI score0.00039EPSS

CVE•added 2021/06/24 5:15 p.m.•62 views

CVE-2021-21572

7.5CVSS7.7AI score0.00038EPSS

CVE•added 2021/06/24 5:15 p.m.•62 views

CVE-2021-21573

7.5CVSS7.7AI score0.00046EPSS

CVE•added 2023/06/23 11:15 a.m.•58 views

CVE-2023-28036

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.