Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36343 | 1 Dell | 668 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 665 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
| CVE-2021-36285 | 1 Dell | 42 Latitude 5310 2-in-1, Latitude 5310 2-in-1 Firmware, Latitude 5320 and 39 more | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
| Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt mitigations in order to carry out a brute force attack. | |||||
| CVE-2021-21574 | 1 Dell | 256 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3990 and 253 more | 2023-12-10 | 6.9 MEDIUM | 7.5 HIGH |
| Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions. | |||||
| CVE-2021-21571 | 1 Dell | 256 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3990 and 253 more | 2023-12-10 | 5.8 MEDIUM | 6.5 MEDIUM |
| Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a denial of service and payload tampering. | |||||
| CVE-2021-21572 | 1 Dell | 256 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3990 and 253 more | 2023-12-10 | 6.9 MEDIUM | 7.5 HIGH |
| Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions. | |||||
| CVE-2021-21573 | 1 Dell | 256 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3990 and 253 more | 2023-12-10 | 6.9 MEDIUM | 7.5 HIGH |
| Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions. | |||||