CVE-2023-28063
https://notcve.org/view.php?id=CVE-2023-28063
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. El BIOS de Dell contiene una vulnerabilidad de error de conversión de firmado a no firmado. Un usuario malintencionado local autenticado con privilegios de administrador podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000214780/dsa-2023-176-dell-client-bios-security-update-for-a-signed-to-unsigned-conversion-error-vulnerability • CWE-195: Signed to Unsigned Conversion Error CWE-681: Incorrect Conversion between Numeric Types •
CVE-2023-28049
https://notcve.org/view.php?id=CVE-2023-28049
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete. Dell Command | Monitor, las versiones anteriores a la 10.9 contienen una vulnerabilidad de eliminación arbitraria de carpetas. Un usuario malintencionado autenticado localmente puede aprovechar esta vulnerabilidad para realizar una eliminación arbitraria de archivos con privilegios. • https://www.dell.com/support/kbdoc/en-us/000211748/dsa-2023-125-dell-command-monitor-dcm • CWE-267: Privilege Defined With Unsafe Actions CWE-269: Improper Privilege Management •
CVE-2023-25543
https://notcve.org/view.php?id=CVE-2023-25543
Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in DPM service. A low privileged malicious user could potentially exploit this vulnerability in order to elevate privileges on the system. Dell Power Manager, versiones anteriores a la 3.14, contienen una vulnerabilidad de autorización incorrecta en el servicio DPM. Un usuario malintencionado con pocos privilegios podría explotar esta vulnerabilidad para elevar los privilegios en el sistema. • https://www.dell.com/support/kbdoc/en-us/000209464/dsa-2023-075 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-755: Improper Handling of Exceptional Conditions •
CVE-2020-29504
https://notcve.org/view.php?id=CVE-2020-29504
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing Required Cryptographic Step Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a 4.5.2, contienen una vulnerabilidad de paso criptográfico requerido faltante. • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-295: Improper Certificate Validation •
CVE-2021-21575
https://notcve.org/view.php?id=CVE-2021-21575
Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. Dell BSAFE Micro Edition Suite, versiones anteriores a 4.5.2, contienen una vulnerabilidad de discrepancia de tiempo observable. • https://www.dell.com/support/kbdoc/en-us/000189462/dsa-2021-131-dell-bsafetm-micro-edition-suite-multiple-vulnerabilities • CWE-203: Observable Discrepancy CWE-208: Observable Timing Discrepancy •