CVSS: 6.7EPSS: 0%CPEs: 160EXPL: 0CVE-2022-34377
https://notcve.org/view.php?id=CVE-2022-34377
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 160EXPL: 0CVE-2022-34376
https://notcve.org/view.php?id=CVE-2022-34376
Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 0%CPEs: 62EXPL: 0CVE-2021-21557
https://notcve.org/view.php?id=CVE-2021-21557
Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode. Dell PowerEdge Server BIOS y select Dell Precision Rack BIOS contienen una vulnerabilidad de acceso a la matriz fuera de límites. Un usuario local malicioso con privilegios elevados puede explotar potencialmente esta vulnerabilidad, conllevando una denegación de servicio, ejecución de código arbitrario o divulgación de información en el Modo de Administración del Sistema • https://www.dell.com/support/kbdoc/000187958 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •