Search

Find a vulnerability

Search criteria

    46 vulnerabilities found for nx440_firmware by dell

    CVE-2024-0172 (GCVE-0-2024-0172)

    Vulnerability from nvd – Published: 2024-04-03 09:09 – Updated: 2024-08-20 20:30
    VLAI
    Summary
    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: N/A , < 1.5.6 (semver)
    Affected: N/A , < 1.1.3 (semver)
    Affected: N/A , < 1.1.4 (semver)
    Affected: N/A , < 1.2.5 (semver)
    Affected: N/A , < 1.3.6 (semver)
    Affected: N/A , < 1.4.6 (semver)
    Affected: N/A , < 1.11.2 (semver)
    Affected: N/A , < 1.7.3 (semver)
    Affected: N/A , < 1.12.1 (semver)
    Affected: N/A , < 2.12.4 (semver)
    Affected: N/A , < 2.19.1 (semver)
    Affected: N/A , < 2.19.0 (semver)
    Affected: N/A , < 2.14.1 (semver)
    Affected: N/A , < 1.20.0 (semver)
    Create a notification for this product.
    dell poweredge_r660_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r760_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c6620_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_mx760c_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r860_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r960_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_hs5610_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_hs5620_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r660xs_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r760xs_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r760xd2_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t560_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r760xa_firmware Affected: 0 , < 1.1.3 (custom)
        cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe9680_firmware Affected: 0 , < 1.1.3 (custom)
        cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr5610_firmware Affected: 0 , < 1.1.4 (custom)
        cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr8620t_firmware Affected: 0 , < 1.1.3 (custom)
        cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr7620_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe8640_firmware Affected: 0 , < 1.2.5 (custom)
        cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe9640_firmware Affected: 0 , < 1.3.6 (custom)
        cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6615_firmware Affected: 0 , < 1.4.6 (custom)
        cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7615_firmware Affected: 0 , < 1.4.6 (custom)
        cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6625_firmware Affected: 0 , < 1.4.6 (custom)
        cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7625_firmware Affected: 0 , < 1.4.6 (custom)
        cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r650_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r750_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r750xa_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c6520_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_mx750c_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r550_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r450_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r650xs_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r750xs_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t550_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr11_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr12_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t150_firmware Affected: 0 , < 1.7.3 (custom)
        cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t350_firmware Affected: 0 , < 1.7.3 (custom)
        cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r250_firmware Affected: 0 , < 1.7.3 (custom)
        cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r350_firmware Affected: 0 , < 1.7.3 (custom)
        cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr4510c_firmware Affected: 0 , < 1.12.1 (custom)
        cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr4520c_firmware Affected: 0 , < 1.12.1 (custom)
        cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6515_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6525_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7515_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7525_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c6525_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe8545_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r740_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r740xd_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r640_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r940_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r540_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r440_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t440_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr2_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r740xd2_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r840_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r940xa_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t640_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c6420_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_fc640_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_m640_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_mx740c_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_mx840c_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c4140_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe2420_firmware Affected: 0 , < 2.19.0 (custom)
        cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe7420_firmware Affected: 0 , < 2.19.0 (custom)
        cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe7440_firmware Affected: 0 , < 2.19.0 (custom)
        cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t140_firmware Affected: 0 , < 2.14.1 (custom)
        cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t340_firmware Affected: 0 , < 2.14.1 (custom)
        cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r240_firmware Affected: 0 , < 2.14.1 (custom)
        cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r340_firmware Affected: 0 , < 2.14.1 (custom)
        cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6415_firmware Affected: 0 , < 1.20.0 (custom)
        cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7415_firmware Affected: 0 , < 1.20.0 (custom)
        cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7425_firmware Affected: 0 , < 1.20.0 (custom)
        cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_storage_nx3240_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_storage_nx3340_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_xc_core_xc450_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_xc_core_xc650_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_xc_core_xc750_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-04-02 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T17:41:16.006Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r660_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r760_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c6620_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_mx760c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r860_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r960_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_hs5610_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_hs5620_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r660xs_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r760xs_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r760xd2_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t560_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r760xa_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.1.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe9680_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.1.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr5610_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.1.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr8620t_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.1.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr7620_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe8640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.2.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe9640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.3.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6615_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.4.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7615_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.4.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6625_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.4.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7625_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.4.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r650_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r750_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r750xa_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c6520_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_mx750c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r550_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r450_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r650xs_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r750xs_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t550_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr11_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr12_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t150_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.7.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t350_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.7.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r250_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.7.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r350_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.7.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr4510c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.12.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr4520c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.12.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6515_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6525_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7515_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7525_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c6525_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe8545_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r740_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r740xd_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r940_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r540_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r440_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t440_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr2_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r740xd2_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r840_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r940xa_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c6420_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_fc640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_m640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_mx740c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_mx840c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c4140_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe2420_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe7420_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe7440_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t140_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.14.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t340_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.14.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r240_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.14.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r340_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.14.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6415_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.20.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7415_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.20.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7425_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.20.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_storage_nx3240_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_storage_nx3340_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_xc_core_xc450_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_xc_core_xc650_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_xc_core_xc750_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0172",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-11T04:01:19.460976Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-20T20:30:48.954Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "1.5.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.1.3",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.1.4",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.2.5",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.3.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.4.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.11.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.3",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.12.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.12.4",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.19.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.19.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.20.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2024-04-02T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
                }
              ],
              "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.9,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269: Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-03T09:09:18.449Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2024-0172",
        "datePublished": "2024-04-03T09:09:18.449Z",
        "dateReserved": "2023-12-14T05:35:36.325Z",
        "dateUpdated": "2024-08-20T20:30:48.954Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0173 (GCVE-0-2024-0173)

    Vulnerability from nvd – Published: 2024-03-13 16:52 – Updated: 2024-08-01 17:41
    VLAI
    Summary
    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-788 - Access of Memory Location After End of Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: N/A , < 2.0.0 (semver)
    Affected: N/A , < 1.7.6 (semver)
    Affected: N/A , < 1.7.2 (semver)
    Affected: N/A , < 1.2.3 (semver)
    Affected: N/A , < 1.13.2 (semver)
    Affected: N/A , < 1.14.1 (semver)
    Affected: N/A , < 1.9.1 (semver)
    Affected: N/A , < 2.14.1 (semver)
    Affected: N/A , < 2.21.2 (semver)
    Affected: N/A , < 2.21.1 (semver)
    Affected: N/A , < 2.21.0 (semver)
    Affected: N/A , < 2.16.0 (semver)
    Affected: N/A , < 2.19.0  (semver)
    Affected: N/A , < 2.14.0  (semver)
    Affected: N/A , < 1.19.0  (semver)
    Affected: N/A , < 2.20.0   (semver)
    Create a notification for this product.
    Date Public
    2024-03-12 06:30
    Credits
    Dell would like to thank codebreaker1337 for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0173",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-13T20:00:50.556667Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:58:23.919Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T17:41:16.066Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform\t",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.2.3",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.13.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.9.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.16.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.19.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.20.0\u202f\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Dell would like to thank codebreaker1337 for reporting this issue."
            }
          ],
          "datePublic": "2024-03-12T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
                }
              ],
              "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-788",
                  "description": "CWE-788: Access of Memory Location After End of Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-13T16:52:21.293Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2024-0173",
        "datePublished": "2024-03-13T16:52:21.293Z",
        "dateReserved": "2023-12-14T05:35:37.836Z",
        "dateUpdated": "2024-08-01T17:41:16.066Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0154 (GCVE-0-2024-0154)

    Vulnerability from nvd – Published: 2024-03-13 16:41 – Updated: 2024-08-01 17:41
    VLAI
    Summary
    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-788 - Access of Memory Location After End of Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: N/A , < 2.0.0 (semver)
    Affected: N/A , < 1.7.6 (semver)
    Affected: N/A , < 1.7.2 (semver)
    Affected: N/A , < 1.2.3 (semver)
    Affected: N/A , < 1.13.2 (semver)
    Affected: N/A , < 1.14.1 (semver)
    Affected: N/A , < 1.9.1 (semver)
    Affected: N/A , < 2.14.1 (semver)
    Affected: N/A , < 2.21.2 (semver)
    Affected: N/A , < 2.21.1 (semver)
    Affected: N/A , < 2.21.0 (semver)
    Affected: N/A , < 2.16.0 (semver)
    Affected: N/A , < 2.19.0  (semver)
    Affected: N/A , < 2.14.0  (semver)
    Affected: N/A , < 1.19.0  (semver)
    Affected: N/A , < 2.20.0  (semver)
    Create a notification for this product.
    Date Public
    2024-03-12 06:30
    Credits
    Dell would like to thank codebreaker1337 for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0154",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-13T19:40:48.987776Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:58:45.175Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T17:41:16.006Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.2.3",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.13.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.9.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.16.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.19.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.20.0\u202f",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Dell would like to thank codebreaker1337 for reporting this issue."
            }
          ],
          "datePublic": "2024-03-12T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
                }
              ],
              "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-788",
                  "description": "CWE-788: Access of Memory Location After End of Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-13T16:41:09.360Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2024-0154",
        "datePublished": "2024-03-13T16:41:09.360Z",
        "dateReserved": "2023-12-14T05:29:25.760Z",
        "dateUpdated": "2024-08-01T17:41:16.006Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34423 (GCVE-0-2022-34423)

    Vulnerability from nvd – Published: 2023-03-16 12:21 – Updated: 2025-02-26 15:24
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.144Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34423",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:22:30.161525Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:24:44.475Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T12:21:18.567Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34423",
        "datePublished": "2023-03-16T12:21:18.567Z",
        "dateReserved": "2022-06-23T18:55:17.113Z",
        "dateUpdated": "2025-02-26T15:24:44.475Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34422 (GCVE-0-2022-34422)

    Vulnerability from nvd – Published: 2023-03-16 11:58 – Updated: 2025-02-26 15:25
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.314Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34422",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:25:29.298270Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:25:48.533Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:58:56.346Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34422",
        "datePublished": "2023-03-16T11:58:56.346Z",
        "dateReserved": "2022-06-23T18:55:17.112Z",
        "dateUpdated": "2025-02-26T15:25:48.533Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34421 (GCVE-0-2022-34421)

    Vulnerability from nvd – Published: 2023-03-16 11:57 – Updated: 2025-02-26 15:27
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.161Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34421",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:26:39.426402Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:27:13.550Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:57:14.398Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34421",
        "datePublished": "2023-03-16T11:57:14.398Z",
        "dateReserved": "2022-06-23T18:55:17.112Z",
        "dateUpdated": "2025-02-26T15:27:13.550Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34420 (GCVE-0-2022-34420)

    Vulnerability from nvd – Published: 2023-03-16 11:55 – Updated: 2025-02-26 15:28
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.233Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34420",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:27:47.299395Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:28:54.859Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:55:42.091Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34420",
        "datePublished": "2023-03-16T11:55:42.091Z",
        "dateReserved": "2022-06-23T18:55:17.111Z",
        "dateUpdated": "2025-02-26T15:28:54.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34419 (GCVE-0-2022-34419)

    Vulnerability from nvd – Published: 2023-03-16 11:54 – Updated: 2025-02-26 15:31
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.158Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34419",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:30:42.766940Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:31:02.635Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:54:01.719Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34419",
        "datePublished": "2023-03-16T11:54:01.719Z",
        "dateReserved": "2022-06-23T18:55:17.111Z",
        "dateUpdated": "2025-02-26T15:31:02.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34418 (GCVE-0-2022-34418)

    Vulnerability from nvd – Published: 2023-03-16 11:52 – Updated: 2025-02-26 15:31
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.249Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34418",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:31:40.577088Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:31:57.737Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:52:24.907Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34418",
        "datePublished": "2023-03-16T11:52:24.907Z",
        "dateReserved": "2022-06-23T18:55:17.110Z",
        "dateUpdated": "2025-02-26T15:31:57.737Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34417 (GCVE-0-2022-34417)

    Vulnerability from nvd – Published: 2023-03-16 11:50 – Updated: 2025-02-26 15:32
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.279Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34417",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:32:32.520555Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:32:48.216Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:50:19.823Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34417",
        "datePublished": "2023-03-16T11:50:19.823Z",
        "dateReserved": "2022-06-23T18:55:17.110Z",
        "dateUpdated": "2025-02-26T15:32:48.216Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34416 (GCVE-0-2022-34416)

    Vulnerability from nvd – Published: 2023-03-16 11:48 – Updated: 2025-02-26 15:34
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.164Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34416",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:34:42.338079Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:34:55.635Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:48:20.844Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34416",
        "datePublished": "2023-03-16T11:48:20.844Z",
        "dateReserved": "2022-06-23T18:55:17.109Z",
        "dateUpdated": "2025-02-26T15:34:55.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34415 (GCVE-0-2022-34415)

    Vulnerability from nvd – Published: 2023-03-16 11:44 – Updated: 2025-02-26 15:35
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.151Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34415",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:35:30.385814Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:35:49.461Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:44:58.828Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34415",
        "datePublished": "2023-03-16T11:44:58.828Z",
        "dateReserved": "2022-06-23T18:55:17.108Z",
        "dateUpdated": "2025-02-26T15:35:49.461Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34414 (GCVE-0-2022-34414)

    Vulnerability from nvd – Published: 2023-03-16 11:37 – Updated: 2025-02-26 15:48
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34414",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:48:24.496310Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:48:54.552Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:37:21.334Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34414",
        "datePublished": "2023-03-16T11:37:21.334Z",
        "dateReserved": "2022-06-23T18:55:17.108Z",
        "dateUpdated": "2025-02-26T15:48:54.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34413 (GCVE-0-2022-34413)

    Vulnerability from nvd – Published: 2023-03-16 11:35 – Updated: 2025-02-26 15:56
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.142Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34413",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:50:14.358417Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:56:42.123Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:35:09.561Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34413",
        "datePublished": "2023-03-16T11:35:09.561Z",
        "dateReserved": "2022-06-23T18:55:17.107Z",
        "dateUpdated": "2025-02-26T15:56:42.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34412 (GCVE-0-2022-34412)

    Vulnerability from nvd – Published: 2023-03-16 11:33 – Updated: 2025-02-26 18:56
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.315Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34412",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T16:01:06.798290Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T18:56:01.435Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:33:34.235Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34412",
        "datePublished": "2023-03-16T11:33:34.235Z",
        "dateReserved": "2022-06-23T18:55:17.107Z",
        "dateUpdated": "2025-02-26T18:56:01.435Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34411 (GCVE-0-2022-34411)

    Vulnerability from nvd – Published: 2023-03-16 11:31 – Updated: 2025-02-26 18:56
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34411",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T16:03:59.875459Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T18:56:28.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:31:33.840Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34411",
        "datePublished": "2023-03-16T11:31:33.840Z",
        "dateReserved": "2022-06-23T18:55:17.106Z",
        "dateUpdated": "2025-02-26T18:56:28.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34410 (GCVE-0-2022-34410)

    Vulnerability from nvd – Published: 2023-03-16 11:29 – Updated: 2025-02-26 18:56
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.247Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34410",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T16:05:04.327169Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T18:56:57.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:29:24.037Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34410",
        "datePublished": "2023-03-16T11:29:24.037Z",
        "dateReserved": "2022-06-23T18:55:17.105Z",
        "dateUpdated": "2025-02-26T18:56:57.566Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34409 (GCVE-0-2022-34409)

    Vulnerability from nvd – Published: 2023-03-16 11:26 – Updated: 2025-02-26 18:57
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.288Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34409",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T16:09:42.465803Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T18:57:23.837Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:26:00.563Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34409",
        "datePublished": "2023-03-16T11:26:00.563Z",
        "dateReserved": "2022-06-23T18:55:17.103Z",
        "dateUpdated": "2025-02-26T18:57:23.837Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34408 (GCVE-0-2022-34408)

    Vulnerability from nvd – Published: 2023-03-16 11:07 – Updated: 2025-02-26 15:58
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.240Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34408",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:57:44.430496Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:58:08.894Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:07:12.263Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34408",
        "datePublished": "2023-03-16T11:07:12.263Z",
        "dateReserved": "2022-06-23T18:55:17.102Z",
        "dateUpdated": "2025-02-26T15:58:08.894Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34407 (GCVE-0-2022-34407)

    Vulnerability from nvd – Published: 2023-03-16 11:04 – Updated: 2025-02-26 18:57
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.155Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34407",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T16:11:20.437216Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T18:57:55.375Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:04:32.170Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34407",
        "datePublished": "2023-03-16T11:04:32.170Z",
        "dateReserved": "2022-06-23T18:55:17.102Z",
        "dateUpdated": "2025-02-26T18:57:55.375Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34406 (GCVE-0-2022-34406)

    Vulnerability from nvd – Published: 2023-03-16 11:00 – Updated: 2025-02-26 18:58
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.231Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34406",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T16:11:49.619723Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T18:58:20.922Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:00:25.319Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34406",
        "datePublished": "2023-03-16T11:00:25.319Z",
        "dateReserved": "2022-06-23T18:55:17.101Z",
        "dateUpdated": "2025-02-26T18:58:20.922Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0172 (GCVE-0-2024-0172)

    Vulnerability from cvelistv5 – Published: 2024-04-03 09:09 – Updated: 2024-08-20 20:30
    VLAI
    Summary
    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: N/A , < 1.5.6 (semver)
    Affected: N/A , < 1.1.3 (semver)
    Affected: N/A , < 1.1.4 (semver)
    Affected: N/A , < 1.2.5 (semver)
    Affected: N/A , < 1.3.6 (semver)
    Affected: N/A , < 1.4.6 (semver)
    Affected: N/A , < 1.11.2 (semver)
    Affected: N/A , < 1.7.3 (semver)
    Affected: N/A , < 1.12.1 (semver)
    Affected: N/A , < 2.12.4 (semver)
    Affected: N/A , < 2.19.1 (semver)
    Affected: N/A , < 2.19.0 (semver)
    Affected: N/A , < 2.14.1 (semver)
    Affected: N/A , < 1.20.0 (semver)
    Create a notification for this product.
    dell poweredge_r660_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r760_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c6620_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_mx760c_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r860_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r960_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_hs5610_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_hs5620_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r660xs_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r760xs_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r760xd2_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t560_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r760xa_firmware Affected: 0 , < 1.1.3 (custom)
        cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe9680_firmware Affected: 0 , < 1.1.3 (custom)
        cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr5610_firmware Affected: 0 , < 1.1.4 (custom)
        cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr8620t_firmware Affected: 0 , < 1.1.3 (custom)
        cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr7620_firmware Affected: 0 , < 1.5.6 (custom)
        cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe8640_firmware Affected: 0 , < 1.2.5 (custom)
        cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe9640_firmware Affected: 0 , < 1.3.6 (custom)
        cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6615_firmware Affected: 0 , < 1.4.6 (custom)
        cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7615_firmware Affected: 0 , < 1.4.6 (custom)
        cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6625_firmware Affected: 0 , < 1.4.6 (custom)
        cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7625_firmware Affected: 0 , < 1.4.6 (custom)
        cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r650_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r750_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r750xa_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c6520_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_mx750c_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r550_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r450_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r650xs_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r750xs_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t550_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr11_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr12_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t150_firmware Affected: 0 , < 1.7.3 (custom)
        cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t350_firmware Affected: 0 , < 1.7.3 (custom)
        cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r250_firmware Affected: 0 , < 1.7.3 (custom)
        cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r350_firmware Affected: 0 , < 1.7.3 (custom)
        cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr4510c_firmware Affected: 0 , < 1.12.1 (custom)
        cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr4520c_firmware Affected: 0 , < 1.12.1 (custom)
        cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6515_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6525_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7515_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7525_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c6525_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe8545_firmware Affected: 0 , < 2.12.4 (custom)
        cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r740_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r740xd_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r640_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r940_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r540_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r440_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t440_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xr2_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r740xd2_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r840_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r940xa_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t640_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c6420_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_fc640_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_m640_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_mx740c_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_mx840c_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_c4140_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe2420_firmware Affected: 0 , < 2.19.0 (custom)
        cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe7420_firmware Affected: 0 , < 2.19.0 (custom)
        cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_xe7440_firmware Affected: 0 , < 2.19.0 (custom)
        cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t140_firmware Affected: 0 , < 2.14.1 (custom)
        cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_t340_firmware Affected: 0 , < 2.14.1 (custom)
        cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r240_firmware Affected: 0 , < 2.14.1 (custom)
        cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r340_firmware Affected: 0 , < 2.14.1 (custom)
        cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r6415_firmware Affected: 0 , < 1.20.0 (custom)
        cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7415_firmware Affected: 0 , < 1.20.0 (custom)
        cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell poweredge_r7425_firmware Affected: 0 , < 1.20.0 (custom)
        cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_storage_nx3240_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_storage_nx3340_firmware Affected: 0 , < 2.19.1 (custom)
        cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_xc_core_xc450_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_xc_core_xc650_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    dell emc_xc_core_xc750_firmware Affected: 0 , < 1.11.2 (custom)
        cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-04-02 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T17:41:16.006Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r660_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r760_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c6620_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_mx760c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r860_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r960_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_hs5610_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_hs5620_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r660xs_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r760xs_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r760xd2_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t560_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r760xa_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.1.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe9680_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.1.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr5610_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.1.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr8620t_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.1.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr7620_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.5.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe8640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.2.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe9640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.3.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6615_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.4.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7615_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.4.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6625_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.4.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7625_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.4.6",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r650_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r750_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r750xa_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c6520_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_mx750c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r550_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r450_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r650xs_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r750xs_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t550_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr11_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr12_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t150_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.7.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t350_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.7.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r250_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.7.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r350_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.7.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr4510c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.12.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr4520c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.12.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6515_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6525_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7515_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7525_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c6525_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe8545_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.12.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r740_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r740xd_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r940_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r540_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r440_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t440_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xr2_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r740xd2_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r840_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r940xa_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c6420_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_fc640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_m640_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_mx740c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_mx840c_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_c4140_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe2420_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe7420_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_xe7440_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t140_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.14.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_t340_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.14.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r240_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.14.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r340_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.14.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r6415_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.20.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7415_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.20.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "poweredge_r7425_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.20.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_storage_nx3240_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_storage_nx3340_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "2.19.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_xc_core_xc450_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_xc_core_xc650_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "emc_xc_core_xc750_firmware",
                "vendor": "dell",
                "versions": [
                  {
                    "lessThan": "1.11.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0172",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-11T04:01:19.460976Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-20T20:30:48.954Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "1.5.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.1.3",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.1.4",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.2.5",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.3.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.4.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.11.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.3",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.12.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.12.4",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.19.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.19.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.20.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2024-04-02T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
                }
              ],
              "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.9,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269: Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-03T09:09:18.449Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2024-0172",
        "datePublished": "2024-04-03T09:09:18.449Z",
        "dateReserved": "2023-12-14T05:35:36.325Z",
        "dateUpdated": "2024-08-20T20:30:48.954Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0173 (GCVE-0-2024-0173)

    Vulnerability from cvelistv5 – Published: 2024-03-13 16:52 – Updated: 2024-08-01 17:41
    VLAI
    Summary
    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-788 - Access of Memory Location After End of Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: N/A , < 2.0.0 (semver)
    Affected: N/A , < 1.7.6 (semver)
    Affected: N/A , < 1.7.2 (semver)
    Affected: N/A , < 1.2.3 (semver)
    Affected: N/A , < 1.13.2 (semver)
    Affected: N/A , < 1.14.1 (semver)
    Affected: N/A , < 1.9.1 (semver)
    Affected: N/A , < 2.14.1 (semver)
    Affected: N/A , < 2.21.2 (semver)
    Affected: N/A , < 2.21.1 (semver)
    Affected: N/A , < 2.21.0 (semver)
    Affected: N/A , < 2.16.0 (semver)
    Affected: N/A , < 2.19.0  (semver)
    Affected: N/A , < 2.14.0  (semver)
    Affected: N/A , < 1.19.0  (semver)
    Affected: N/A , < 2.20.0   (semver)
    Create a notification for this product.
    Date Public
    2024-03-12 06:30
    Credits
    Dell would like to thank codebreaker1337 for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0173",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-13T20:00:50.556667Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:58:23.919Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T17:41:16.066Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform\t",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.2.3",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.13.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.9.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.16.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.19.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.20.0\u202f\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Dell would like to thank codebreaker1337 for reporting this issue."
            }
          ],
          "datePublic": "2024-03-12T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
                }
              ],
              "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-788",
                  "description": "CWE-788: Access of Memory Location After End of Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-13T16:52:21.293Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2024-0173",
        "datePublished": "2024-03-13T16:52:21.293Z",
        "dateReserved": "2023-12-14T05:35:37.836Z",
        "dateUpdated": "2024-08-01T17:41:16.066Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0154 (GCVE-0-2024-0154)

    Vulnerability from cvelistv5 – Published: 2024-03-13 16:41 – Updated: 2024-08-01 17:41
    VLAI
    Summary
    Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-788 - Access of Memory Location After End of Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: N/A , < 2.0.0 (semver)
    Affected: N/A , < 1.7.6 (semver)
    Affected: N/A , < 1.7.2 (semver)
    Affected: N/A , < 1.2.3 (semver)
    Affected: N/A , < 1.13.2 (semver)
    Affected: N/A , < 1.14.1 (semver)
    Affected: N/A , < 1.9.1 (semver)
    Affected: N/A , < 2.14.1 (semver)
    Affected: N/A , < 2.21.2 (semver)
    Affected: N/A , < 2.21.1 (semver)
    Affected: N/A , < 2.21.0 (semver)
    Affected: N/A , < 2.16.0 (semver)
    Affected: N/A , < 2.19.0  (semver)
    Affected: N/A , < 2.14.0  (semver)
    Affected: N/A , < 1.19.0  (semver)
    Affected: N/A , < 2.20.0  (semver)
    Create a notification for this product.
    Date Public
    2024-03-12 06:30
    Credits
    Dell would like to thank codebreaker1337 for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0154",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-13T19:40:48.987776Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:58:45.175Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T17:41:16.006Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.6",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.7.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.2.3",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.13.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.9.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.2",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.1",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.21.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.16.0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.19.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.14.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.19.0\u00a0",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                },
                {
                  "lessThan": "2.20.0\u202f",
                  "status": "affected",
                  "version": "N/A",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Dell would like to thank codebreaker1337 for reporting this issue."
            }
          ],
          "datePublic": "2024-03-12T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
                }
              ],
              "value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-788",
                  "description": "CWE-788: Access of Memory Location After End of Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-13T16:41:09.360Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2024-0154",
        "datePublished": "2024-03-13T16:41:09.360Z",
        "dateReserved": "2023-12-14T05:29:25.760Z",
        "dateUpdated": "2024-08-01T17:41:16.006Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34423 (GCVE-0-2022-34423)

    Vulnerability from cvelistv5 – Published: 2023-03-16 12:21 – Updated: 2025-02-26 15:24
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.144Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34423",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:22:30.161525Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:24:44.475Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T12:21:18.567Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34423",
        "datePublished": "2023-03-16T12:21:18.567Z",
        "dateReserved": "2022-06-23T18:55:17.113Z",
        "dateUpdated": "2025-02-26T15:24:44.475Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34422 (GCVE-0-2022-34422)

    Vulnerability from cvelistv5 – Published: 2023-03-16 11:58 – Updated: 2025-02-26 15:25
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.314Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34422",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:25:29.298270Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:25:48.533Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:58:56.346Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34422",
        "datePublished": "2023-03-16T11:58:56.346Z",
        "dateReserved": "2022-06-23T18:55:17.112Z",
        "dateUpdated": "2025-02-26T15:25:48.533Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34421 (GCVE-0-2022-34421)

    Vulnerability from cvelistv5 – Published: 2023-03-16 11:57 – Updated: 2025-02-26 15:27
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.161Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34421",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:26:39.426402Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:27:13.550Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:57:14.398Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34421",
        "datePublished": "2023-03-16T11:57:14.398Z",
        "dateReserved": "2022-06-23T18:55:17.112Z",
        "dateUpdated": "2025-02-26T15:27:13.550Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34420 (GCVE-0-2022-34420)

    Vulnerability from cvelistv5 – Published: 2023-03-16 11:55 – Updated: 2025-02-26 15:28
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.233Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34420",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:27:47.299395Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:28:54.859Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:55:42.091Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34420",
        "datePublished": "2023-03-16T11:55:42.091Z",
        "dateReserved": "2022-06-23T18:55:17.111Z",
        "dateUpdated": "2025-02-26T15:28:54.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34419 (GCVE-0-2022-34419)

    Vulnerability from cvelistv5 – Published: 2023-03-16 11:54 – Updated: 2025-02-26 15:31
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.158Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34419",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:30:42.766940Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:31:02.635Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:54:01.719Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34419",
        "datePublished": "2023-03-16T11:54:01.719Z",
        "dateReserved": "2022-06-23T18:55:17.111Z",
        "dateUpdated": "2025-02-26T15:31:02.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-34418 (GCVE-0-2022-34418)

    Vulnerability from cvelistv5 – Published: 2023-03-16 11:52 – Updated: 2025-02-26 15:31
    VLAI
    Summary
    Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell PowerEdge Platform Affected: 14G,15G
    Create a notification for this product.
    Date Public
    2022-12-15 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T09:07:16.249Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-34418",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T15:31:40.577088Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:31:57.737Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PowerEdge Platform",
              "vendor": "Dell",
              "versions": [
                {
                  "status": "affected",
                  "version": "14G,15G"
                }
              ]
            }
          ],
          "datePublic": "2022-12-15T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-16T11:52:24.907Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2022-34418",
        "datePublished": "2023-03-16T11:52:24.907Z",
        "dateReserved": "2022-06-23T18:55:17.110Z",
        "dateUpdated": "2025-02-26T15:31:57.737Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }