Latitude 7390 Firmware

latitude_7390_firmware

Vendor: Dell • 59 CVEs

CVEs (59)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-32488 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32487 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32485 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32484 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
CVE-2022-32483 1Dell 290Alienware Area 51m R1 Firmware Alienware Area 51m R2 FirmwareAlienware Aurora R10 Firmware+287 more Nov 21, 2024 Oct 12, 2022 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
CVE-2022-26861 1Dell 399Alienware M15 R6 Firmware Chengming 3980 FirmwareChengming 3988 Firmware+396 more Nov 21, 2024 Sep 6, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution dur...Show more Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.Show less
CVE-2022-26860 1Dell 399Alienware M15 R6 Firmware Chengming 3980 FirmwareChengming 3988 Firmware+396 more Nov 21, 2024 Sep 6, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution...Show more Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.Show less
CVE-2022-26859 1Dell 399Alienware M15 R6 Firmware Chengming 3980 FirmwareChengming 3988 Firmware+396 more Nov 21, 2024 Sep 6, 2022 N/A· v4 7.0 HIGH· v3 N/A· v2 Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.
CVE-2022-26858 1Dell 399Alienware M15 R6 Firmware Chengming 3980 FirmwareChengming 3988 Firmware+396 more Nov 21, 2024 Sep 6, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security co...Show more Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.Show less
CVE-2021-36343 1Dell 411Alienware 13 R3 Firmware Alienware 15 R3 FirmwareAlienware 15 R4 Firmware+408 more Feb 23, 2026 Jan 24, 2022 N/A· v4 6.4 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-36342 1Dell 427Alienware 13 R3 Firmware Alienware 15 R3 FirmwareAlienware 15 R4 Firmware+424 more Feb 23, 2026 Jan 24, 2022 N/A· v4 6.4 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-36325 1Dell 283Alienware 13 R3 Firmware Alienware 15 R3 FirmwareAlienware 15 R4 Firmware+280 more Nov 21, 2024 Nov 12, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-36324 1Dell 283Alienware 13 R3 Firmware Alienware 15 R3 FirmwareAlienware 15 R4 Firmware+280 more Nov 21, 2024 Nov 12, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-36323 1Dell 283Alienware 13 R3 Firmware Alienware 15 R3 FirmwareAlienware 15 R4 Firmware+280 more Nov 21, 2024 Nov 12, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-21522 1Dell 28Latitude 5285 2 In 1 Firmware Latitude 5289 2 In 1 FirmwareLatitude 5290 2 In 1 Firmware+25 more Nov 21, 2024 Sep 28, 2021 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password...Show more Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via the Manageability Interface.Show less
CVE-2020-5362 1Dell 354Chengming 3967 Firmware Chengming 3977 FirmwareChengming 3980 Firmware+351 more Nov 21, 2024 Jun 10, 2020 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges...Show more Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.Show less
CVE-2020-5326 1Dell 174Chengming 3980 Firmware Embedded Box Pc 5000 FirmwareG3 3579 Firmware+171 more Nov 21, 2024 Feb 21, 2020 N/A· v4 5.3 MEDIUM· v3 2.1 LOW· v2 Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the s...Show more Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager.Show less
CVE-2020-5324 1Dell 113G3 15 3590 Firmware G3 3579 FirmwareG3 3779 Firmware+110 more Nov 21, 2024 Feb 21, 2020 N/A· v4 4.4 MEDIUM· v3 2.6 LOW· v2 Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administ...Show more Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.Show less
CVE-2019-3717 1Dell 241Chengming 3967 Firmware Chengming 3977 FirmwareChengming 3980 Firmware+238 more Nov 21, 2024 Aug 5, 2019 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An unauthenticated attacker with physical access to the system could potentially bypass intended Secure Boot restrictions to...Show more Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An unauthenticated attacker with physical access to the system could potentially bypass intended Secure Boot restrictions to run unsigned and untrusted code on expansion cards installed in the system during platform boot. Refer to https://www.dell.com/support/article/us/en/04/sln317683/dsa-2019-043-dell-client-improper-access-control-vulnerability?lang=en for versions affected by this vulnerability.Show less

Previous 1 23