CVE-2024-22429
https://notcve.org/view.php?id=CVE-2024-22429
Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. • https://www.dell.com/support/kbdoc/en-us/000221102/dsa-2024-020 • CWE-20: Improper Input Validation
CVE-2024-22448
https://notcve.org/view.php?id=CVE-2024-22448
Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. • https://www.dell.com/support/kbdoc/en-us/000221744/dsa-2024-066 • CWE-787: Out-of-bounds Write
CVE-2024-0163
https://notcve.org/view.php?id=CVE-2024-0163
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources. • https://www.dell.com/support/kbdoc/en-us/000222756/dsa-2024-003-security-update-for-dell-poweredge-server-bios-for-a-time-of-check-time-of-use-toctou-vulnerability • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-0162
https://notcve.org/view.php?id=CVE-2024-0162
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM. • https://www.dell.com/support/kbdoc/en-us/000222812/dsa-2024-004-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-48674
https://notcve.org/view.php?id=CVE-2023-48674
Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user with network access to the system could potentially send malicious data to the device in order to cause some services to cease to function. • https://www.dell.com/support/kbdoc/en-us/000220410/dsa-2023-467 • CWE-170: Improper Null Termination