CVSS: 6.7EPSS: 0%CPEs: 582EXPL: 0CVE-2023-28063
https://notcve.org/view.php?id=CVE-2023-28063
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. El BIOS de Dell contiene una vulnerabilidad de error de conversión de firmado a no firmado. Un usuario malintencionado local autenticado con privilegios de administrador podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000214780/dsa-2023-176-dell-client-bios-security-update-for-a-signed-to-unsigned-conversion-error-vulnerability • CWE-195: Signed to Unsigned Conversion Error CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 6.9EPSS: 0%CPEs: 490EXPL: 0CVE-2023-28075
https://notcve.org/view.php?id=CVE-2023-28075
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/en-us/000212817/dsa-2023-152-security-update-for-a-dell-client-bios-vulnerability • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.5EPSS: 0%CPEs: 482EXPL: 0CVE-2022-34398
https://notcve.org/view.php?id=CVE-2022-34398
Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. • https://www.dell.com/support/kbdoc/000206038 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 580EXPL: 0CVE-2022-32493
https://notcve.org/view.php?id=CVE-2022-32493
Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. Dell BIOS contiene una vulnerabilidad de desbordamiento del búfer en la región Stack de la memoria. Un usuario malicioso autenticado localmente podría explotar esta vulnerabilidad al usar un SMI para conseguir una ejecución de código arbitrario en la SMRAM • https://www.dell.com/support/kbdoc/000203758 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 580EXPL: 0CVE-2022-32491
https://notcve.org/view.php?id=CVE-2022-32491
Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM. Dell Client BIOS contiene una vulnerabilidad de desbordamiento del búfer. Un usuario malicioso autenticado localmente puede explotar potencialmente esta vulnerabilidad al manipular un SMI para causar una escritura arbitraria durante el SMM • https://www.dell.com/support/kbdoc/000203758 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •