Latitude 7220ex Rugged Extreme Tablet Firmware

latitude_7220ex_rugged_extreme_tablet_firmware

Vendor: Dell • 16 CVEs

CVEs (16)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-34398 1Dell 239Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+236 more Dec 19, 2024 Feb 1, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain ar...Show more Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system. Show less
CVE-2022-32493 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32491 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM.
CVE-2022-32489 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32488 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32487 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32485 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32484 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
CVE-2022-32483 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
CVE-2022-26861 1Dell 399Alienware M15 R6 Firmware Chengming 3980 FirmwareChengming 3988 Firmware+396 more Nov 21, 2024 Sep 6, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution dur...Show more Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.Show less
CVE-2022-26860 1Dell 399Alienware M15 R6 Firmware Chengming 3980 FirmwareChengming 3988 Firmware+396 more Nov 21, 2024 Sep 6, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution...Show more Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.Show less
CVE-2022-26859 1Dell 399Alienware M15 R6 Firmware Chengming 3980 FirmwareChengming 3988 Firmware+396 more Nov 21, 2024 Sep 6, 2022 N/A· v4 7.0 HIGH· v3 N/A· v2 Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.
CVE-2022-26858 1Dell 399Alienware M15 R6 Firmware Chengming 3980 FirmwareChengming 3988 Firmware+396 more Nov 21, 2024 Sep 6, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security co...Show more Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.Show less
CVE-2021-36283 1Dell 85Chengming 3990 Firmware Chengming 3991 FirmwareG3 15 3500 Firmware+82 more Nov 21, 2024 Sep 28, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2020-5363 1Dell 18Latitude 5300 2 In 1 Firmware Latitude 5300 FirmwareLatitude 5400 Firmware+15 more Nov 21, 2024 Jun 10, 2020 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Admin password. This co...Show more Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Admin password. This could potentially allow an unauthorized actor, with physical access and/or OS administrator privileges to the device, to gain privileged access to the platform and the hard drive.Show less
CVE-2020-5324 1Dell 113G3 15 3590 Firmware G3 3579 FirmwareG3 3779 Firmware+110 more Nov 21, 2024 Feb 21, 2020 N/A· v4 4.4 MEDIUM· v3 2.6 LOW· v2 Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administ...Show more Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.Show less