Summary
| Detail | |||
|---|---|---|---|
| Vendor | Dell | First view | 2020-06-10 |
| Product | Optiplex 3280 Aio Firmware | Last view | 2022-10-12 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:dell:optiplex_3280_aio_firmware:*:*:*:*:*:*:*:* | 12 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2022-10-12 | CVE-2022-32493 | Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| 7.8 | 2022-10-12 | CVE-2022-32491 | Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM. |
| 7.8 | 2022-10-12 | CVE-2022-32489 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| 7.8 | 2022-10-12 | CVE-2022-32488 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| 7.8 | 2022-10-12 | CVE-2022-32487 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| 7.8 | 2022-10-12 | CVE-2022-32485 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| 4.4 | 2022-10-12 | CVE-2022-32484 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 4.4 | 2022-10-12 | CVE-2022-32483 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 4.4 | 2021-09-28 | CVE-2021-36285 | Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt mitigations in order to carry out a brute force attack. |
| 4.4 | 2021-09-28 | CVE-2021-36284 | Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mitigations in order to carry out a brute force attack. |
| 6.7 | 2021-09-28 | CVE-2021-36283 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. |
| 4.4 | 2020-06-10 | CVE-2020-5362 | Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 75% (6) | CWE-20 | Improper Input Validation |
| 12% (1) | CWE-787 | Out-of-bounds Write |
| 12% (1) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
