CVE-2023-28052
https://notcve.org/view.php?id=CVE-2023-28052
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities • CWE-20: Improper Input Validation •
CVE-2023-25936
https://notcve.org/view.php?id=CVE-2023-25936
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities • CWE-20: Improper Input Validation •
CVE-2022-34398
https://notcve.org/view.php?id=CVE-2022-34398
Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/000206038 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2022-24421
https://notcve.org/view.php?id=CVE-2022-24421
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. Dell BIOS contiene una vulnerabilidad de comprobación de entrada inapropiada. Un usuario malicioso autenticado localmente podría explotar esta vulnerabilidad al usar un SMI para conseguir una ejecución de código arbitrario durante el SMM • https://www.dell.com/support/kbdoc/en-us/000197057/dsa-2022-053 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2022-24420
https://notcve.org/view.php?id=CVE-2022-24420
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. Dell BIOS contiene una vulnerabilidad de comprobación de entrada inapropiada. Un usuario malicioso autenticado localmente puede explotar potencialmente esta vulnerabilidad al usar un SMI para conseguir una ejecución de código arbitrario durante el SMM • https://www.dell.com/support/kbdoc/en-us/000197057/dsa-2022-053 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •