Dell Latitude 7370 Firmware

CPE Details

Dell Latitude 7370 Firmware
dell
latitude_7370_firmware
-
2020-03-06
18h59 +00:00
2020-03-06
18h59 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:dell:latitude_7370_firmware:-:*:*:*:*:*:*:*

Informations

Vendor

dell

Product

latitude_7370_firmware

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-34398 2023-02-01 05h28 +00:00 Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system.
7.5
High
CVE-2022-32493 2022-10-12 19h25 +00:00 Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
7.8
High
CVE-2022-32491 2022-10-12 19h25 +00:00 Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM.
7.8
High
CVE-2022-32489 2022-10-12 19h25 +00:00 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
8.2
High
CVE-2022-32488 2022-10-12 19h25 +00:00 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
8.2
High
CVE-2022-32487 2022-10-12 19h25 +00:00 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
7.8
High
CVE-2022-32485 2022-10-12 19h25 +00:00 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
7.8
High
CVE-2022-32484 2022-10-12 19h25 +00:00 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
5.6
Medium
CVE-2022-32483 2022-10-12 19h25 +00:00 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
5.6
Medium
CVE-2022-26861 2022-09-06 20h15 +00:00 Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.
7.9
High
CVE-2022-26860 2022-09-06 20h15 +00:00 Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.
7.8
High
CVE-2022-26859 2022-09-06 20h15 +00:00 Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.
7
High
CVE-2022-26858 2022-09-06 20h15 +00:00 Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.
7.8
High
CVE-2021-36325 2021-11-12 22h15 +00:00 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
7.5
High
CVE-2021-36324 2021-11-12 22h15 +00:00 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
7.5
High
CVE-2021-36323 2021-11-12 22h15 +00:00 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
7.5
High
CVE-2021-36285 2021-09-28 19h20 +00:00 Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt mitigations in order to carry out a brute force attack.
5.7
Medium
CVE-2021-36284 2021-09-28 19h20 +00:00 Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mitigations in order to carry out a brute force attack.
5.7
Medium
CVE-2021-21522 2021-09-28 19h20 +00:00 Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.
8.2
High
CVE-2020-5362 2020-06-10 20h40 +00:00 Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.
7.1
High
CVE-2020-5326 2020-02-21 14h50 +00:00 Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager.
6.1
Medium
CVE-2019-3717 2019-08-05 16h38 +00:00 Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An unauthenticated attacker with physical access to the system could potentially bypass intended Secure Boot restrictions to run unsigned and untrusted code on expansion cards installed in the system during platform boot. Refer to https://www.dell.com/support/article/us/en/04/sln317683/dsa-2019-043-dell-client-improper-access-control-vulnerability?lang=en for versions affected by this vulnerability.
6.8
Medium