21 results (0.004 seconds)

CVSS: 6.9EPSS: 0%CPEs: 490EXPL: 0

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/en-us/000212817/dsa-2023-152-security-update-for-a-dell-client-bios-vulnerability • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution. • https://www.dell.com/support/kbdoc/en-us/000210955/dsa-2023-046 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 482EXPL: 0

Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/000206038 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. Dell BIOS contiene una vulnerabilidad de validación de entrada incorrecta. Un usuario malicioso autenticado local podría explotar esta vulnerabilidad utilizando un SMI para obtener la ejecución de código arbitrario en SMRAM. • https://www.dell.com/support/kbdoc/000204685 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 580EXPL: 0

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. Dell BIOS contiene una vulnerabilidad de desbordamiento del búfer en la región Stack de la memoria. Un usuario malicioso autenticado localmente podría explotar esta vulnerabilidad al usar un SMI para conseguir una ejecución de código arbitrario en la SMRAM • https://www.dell.com/support/kbdoc/000203758 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •