CVE-2022-34386
https://notcve.org/view.php?id=CVE-2022-34386
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. • https://www.dell.com/support/kbdoc/000204114 • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVE-2022-34385
https://notcve.org/view.php?id=CVE-2022-34385
SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. • https://www.dell.com/support/kbdoc/000204114 • CWE-326: Inadequate Encryption Strength •
CVE-2022-34384
https://notcve.org/view.php?id=CVE-2022-34384
Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation. • https://www.dell.com/support/kbdoc/000204114 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVE-2022-34377
https://notcve.org/view.php?id=CVE-2022-34377
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2022-34376
https://notcve.org/view.php?id=CVE-2022-34376
Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •