3 results (0.005 seconds)

CVSS: 6.9EPSS: 0%CPEs: 490EXPL: 0

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/en-us/000212817/dsa-2023-152-security-update-for-a-dell-client-bios-vulnerability • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution. • https://www.dell.com/support/kbdoc/en-us/000210955/dsa-2023-046 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 482EXPL: 0

Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/000206038 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •