Filtered by vendor Dell Subscriptions
Filtered by product Cpg Bios Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-32480 1 Dell 63 Alienware M15 R7, Alienware M15 R7 Firmware, Cpg Bios and 60 more 2024-11-29 6.8 Medium
Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.
CVE-2024-32860 1 Dell 45 Alienware Area 51m R2, Alienware Area 51m R2 Firmware, Alienware Aurora R11 and 42 more 2024-11-21 7.5 High
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
CVE-2023-28075 1 Dell 485 Alienware M15 R7, Alienware M15 R7 Firmware, Alienware M16 and 482 more 2024-11-21 6.9 Medium
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.
CVE-2020-5361 1 Dell 1 Cpg Bios 2024-11-21 5.1 Medium
Select Dell Client Commercial and Consumer platforms support a BIOS password reset capability that is designed to assist authorized customers who forget their passwords. Dell is aware of unauthorized password generation tools that can generate BIOS recovery passwords. The tools, which are not authorized by Dell, can be used by a physically present attacker to reset BIOS passwords and BIOS-managed Hard Disk Drive (HDD) passwords. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability to bypass security restrictions for BIOS Setup configuration, HDD access and BIOS pre-boot authentication.