CVE-2023-28052
https://notcve.org/view.php?id=CVE-2023-28052
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities • CWE-20: Improper Input Validation •
CVE-2023-25936
https://notcve.org/view.php?id=CVE-2023-25936
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000212204/dsa-2023-099-dell-client-bios-security-update-for-multiple-improper-input-validation-vulnerabilities • CWE-20: Improper Input Validation •
CVE-2022-46752
https://notcve.org/view.php?id=CVE-2022-46752
Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. • https://www.dell.com/support/kbdoc/en-us/000207928/dsa-2023-011-dell-client-platform-security-update-for-a-bios-vulnerability • CWE-285: Improper Authorization •
CVE-2022-34398
https://notcve.org/view.php?id=CVE-2022-34398
Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/000206038 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2022-32482
https://notcve.org/view.php?id=CVE-2022-32482
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable. • https://www.dell.com/support/kbdoc/en-us/000205717/dsa-2022-326 • CWE-20: Improper Input Validation •