Summary
| Detail | |||
|---|---|---|---|
| Vendor | Dell | First view | 2022-09-12 |
| Product | Chengming 3900 Firmware | Last view | 2024-08-28 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:dell:chengming_3900_firmware:-:*:*:*:*:*:*:* | 42 |
| cpe:2.3:o:dell:chengming_3900_firmware:*:*:*:*:*:*:*:* | 41 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.3 | 2024-08-28 | CVE-2023-43078 | Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service. |
| 6.7 | 2024-07-02 | CVE-2024-0158 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges |
| 4.4 | 2024-04-10 | CVE-2024-22448 | Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. |
| 4.4 | 2024-02-06 | CVE-2023-28063 | Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. |
| 3.9 | 2023-08-16 | CVE-2023-32453 | Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator. |
| 6.3 | 2023-08-16 | CVE-2023-28075 | Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system. |
| 4.6 | 2023-06-23 | CVE-2023-28064 | Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. |
| 6.7 | 2023-06-23 | CVE-2023-28061 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28060 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28059 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28058 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28056 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28054 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28052 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28050 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28044 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28042 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28041 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28040 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28039 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28036 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28035 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28034 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28033 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| 6.7 | 2023-06-23 | CVE-2023-28032 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 78% (29) | CWE-20 | Improper Input Validation |
| 5% (2) | CWE-252 | Unchecked Return Value |
| 2% (1) | CWE-787 | Out-of-bounds Write |
| 2% (1) | CWE-772 | Missing Release of Resource after Effective Lifetime |
| 2% (1) | CWE-681 | Incorrect Conversion between Numeric Types |
| 2% (1) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
| 2% (1) | CWE-287 | Improper Authentication |
| 2% (1) | CWE-200 | Information Exposure |
