CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38296
https://notcve.org/view.php?id=CVE-2024-38296
Dell Edge Gateway 5200 (Coffee Lake S), versions prior to 12.0.94.2380, contains an Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure. • https://www.dell.com/support/kbdoc/en-us/000250949/dsa-2024-345-security-update-for-dell-networking-edge-gateway-5200-vulnerability • CWE-1421: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32471
https://notcve.org/view.php?id=CVE-2023-32471
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits. El BIOS de Dell Edge Gateway, versiones 3200 y 5200, contiene una vulnerabilidad de lectura fuera de los límites. Un usuario malintencionado local autenticado con altos privilegios podría explotar esta vulnerabilidad para leer el contenido de la memoria de la pila y utilizar esta información para futuras vulnerabilidades. • https://www.dell.com/support/kbdoc/en-us/000214917/dsa-2023-225-security-update-for-dell-bios-edge-gateway-5200-and-edge-gateway-3200 • CWE-125: Out-of-bounds Read •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34383
https://notcve.org/view.php?id=CVE-2022-34383
Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM. Dell Edge Gateway 5200 (EGW) versiones anteriores a 1.03.10, contienen una vulnerabilidad de inyección de comandos en el sistema operativo. Un usuario local malicioso puede explotar potencialmente esta vulnerabilidad al usar un SMI para omitir la mitigación del PMC y conseguir una ejecución de código arbitrario durante el SMM • https://www.dell.com/support/kbdoc/en-us/000202711 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •