CVE-2021-36283

EPSS 0.04%
Published 28.09.2021 20:15:07
Last modified 21.11.2024 06:13:25
Source security_alert@emc.com
Teams watchlist Login
Open Login

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Affected products Warnungen 0 Metrics 4 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Dell ≫ Chengming 3990 Firmware Version < 1.3.1

Dell ≫ Chengming 3990 Version-

Dell ≫ Chengming 3991 Firmware Version < 1.3.1

Dell ≫ Chengming 3991 Version-

Dell ≫ G3 15 3500 Firmware Version < 1.7.1

Dell ≫ G3 15 3500 Version-

Dell ≫ G3 15 3590 Firmware Version < 1.12.0

Dell ≫ G3 15 3590 Version-

Dell ≫ G3 15 5500 Firmware Version < 1.7.1

Dell ≫ G3 15 5500 Version-

Dell ≫ Inspiron 3493 Firmware Version < 1.12.0

Dell ≫ Inspiron 3493 Version-

Dell ≫ Inspiron 3501 Firmware Version < 1.1.0

Dell ≫ Inspiron 3501 Version-

Dell ≫ Inspiron 3593 Firmware Version < 1.12.0

Dell ≫ Inspiron 3593 Version-

Dell ≫ Inspiron 3793 Firmware Version < 1.12.0

Dell ≫ Inspiron 3793 Version-

Dell ≫ Inspiron 3880 Firmware Version < 1.3.1

Dell ≫ Inspiron 3880 Version-

Dell ≫ Inspiron 3881 Firmware Version < 1.3.1

Dell ≫ Inspiron 3881 Version-

Dell ≫ Inspiron 5400 2-in-1 Firmware Version < 1.5.0

Dell ≫ Inspiron 5400 2-in-1 Version-

Dell ≫ Inspiron 5490 Firmware Version < 1.12.0

Dell ≫ Inspiron 5490 Version-

Dell ≫ Inspiron 5493 Firmware Version < 1.12.0

Dell ≫ Inspiron 5493 Version-

Dell ≫ Inspiron 5498 Firmware Version < 1.12.0

Dell ≫ Inspiron 5498 Version-

Dell ≫ Inspiron 5590 Firmware Version < 1.12.0

Dell ≫ Inspiron 5590 Version-

Dell ≫ Inspiron 5593 Firmware Version < 1.12.0

Dell ≫ Inspiron 5593 Version-

Dell ≫ Inspiron 5598 Firmware Version < 1.12.0

Dell ≫ Inspiron 5598 Version-

Dell ≫ Inspiron 7391 2-in-1 Firmware Version < 1.9.1

Dell ≫ Inspiron 7391 2-in-1 Version-

Dell ≫ Inspiron 7500 Firmware Version < 1.5.1

Dell ≫ Inspiron 7500 Version-

Dell ≫ Inspiron 7500 2-in-1 Silver Firmware Version < 1.5.0

Dell ≫ Inspiron 7500 2-in-1 Silver Version-

Dell ≫ Inspiron 7501 Firmware Version < 1.5.1

Dell ≫ Inspiron 7501 Version-

Dell ≫ Inspiron 7590 Firmware Version < 1.8.0

Dell ≫ Inspiron 7590 Version-

Dell ≫ Inspiron 7591 Firmware Version < 1.8.0

Dell ≫ Inspiron 7591 Version-

Dell ≫ Latitude 3310 Firmware Version < 1.8.3

Dell ≫ Latitude 3310 Version-

Dell ≫ Latitude 3310 2-in-1 Firmware Version < 1.17.1

Dell ≫ Latitude 3310 2-in-1 Version-

Dell ≫ Latitude 5300 Firmware Version < 1.12.1

Dell ≫ Latitude 5300 Version-

Dell ≫ Latitude 5300 2-in-1 Firmware Version < 1.12.1

Dell ≫ Latitude 5300 2-in-1 Version-

Dell ≫ Latitude 5310 Firmware Version < 1.4.2

Dell ≫ Latitude 5310 Version-

Dell ≫ Latitude 5310 2 In 1 Firmware Version1.4.2

Dell ≫ Latitude 5310 2 In 1 Version-

Dell ≫ Latitude 5400 Firmware Version < 1.10.1

Dell ≫ Latitude 5400 Version-

Dell ≫ Latitude 5401 Firmware Version < 1.11.1

Dell ≫ Latitude 5401 Version-

Dell ≫ Latitude 5410 Firmware Version < 1.4.3

Dell ≫ Latitude 5410 Version-

Dell ≫ Latitude 5411 Firmware Version < 1.4.3

Dell ≫ Latitude 5411 Version-

Dell ≫ Latitude 5500 Firmware Version < 1.10.1

Dell ≫ Latitude 5500 Version-

Dell ≫ Latitude 5511 Firmware Version < 1.4.3

Dell ≫ Latitude 5511 Version-

Dell ≫ Latitude 7200 2 In 1 Firmware Version < 1.10.1

Dell ≫ Latitude 7200 2 In 1 Version-

Dell ≫ Latitude 7210 2 In 1 Firmware Version < 1.5.1

Dell ≫ Latitude 7210 2 In 1 Version-

Dell ≫ Latitude 7220ex Rugged Extreme Tablet Firmware Version < 1.9.1

Dell ≫ Latitude 7220ex Rugged Extreme Tablet Version-

Dell ≫ Latitude 7300 Firmware Version < 1.11.1

Dell ≫ Latitude 7300 Version-

Dell ≫ Latitude 7310 Firmware Version < 1.5.1

Dell ≫ Latitude 7310 Version-

Dell ≫ Latitude 7400 Firmware Version < 1.11.1

Dell ≫ Latitude 7400 Version-

Dell ≫ Latitude 7400 2-in-1 Firmware Version < 1.10.0

Dell ≫ Latitude 7400 2-in-1 Version-

Dell ≫ Latitude 7410 Firmware Version < 1.5.1

Dell ≫ Latitude 7410 Version-

Dell ≫ Latitude 9410 Firmware Version < 1.5.1

Dell ≫ Latitude 9410 Version-

Dell ≫ Latitude 9510 Firmware Version < 1.4.2

Dell ≫ Latitude 9510 Version-

Dell ≫ Optiplex 3080 Firmware Version < 1.3.1

Dell ≫ Optiplex 3080 Version-

Dell ≫ Optiplex 3280 Aio Firmware Version < 1.3.1

Dell ≫ Optiplex 3280 Aio Version-

Dell ≫ Optiplex 5080 Firmware Version < 1.3.1

Dell ≫ Optiplex 5080 Version-

Dell ≫ Optiplex 5480 Aio Firmware Version < 1.4.0

Dell ≫ Optiplex 5480 Aio Version-

Dell ≫ Optiplex 7080 Firmware Version < 1.3.10

Dell ≫ Optiplex 7080 Version-

Dell ≫ Optiplex 7480 Aio Firmware Version < 1.6.2

Dell ≫ Optiplex 7480 Aio Version-

Dell ≫ Optiplex 7780 Aio Firmware Version < 1.6.2

Dell ≫ Optiplex 7780 Aio Version-

Dell ≫ Precision 3440 Firmware Version < 1.3.10

Dell ≫ Precision 3440 Version-

Dell ≫ Precision 3540 Firmware Version < 1.10.1

Dell ≫ Precision 3540 Version-

Dell ≫ Precision 3541 Firmware Version < 1.11.1

Dell ≫ Precision 3541 Version-

Dell ≫ Precision 3550 Firmware Version < 1.4.3

Dell ≫ Precision 3550 Version-

Dell ≫ Precision 3551 Firmware Version < 1.4.3

Dell ≫ Precision 3551 Version-

Dell ≫ Precision 3640 Tower Firmware Version < 1.4.3

Dell ≫ Precision 3640 Tower Version-

Dell ≫ Precision 5540 Firmware Version < 1.9.1

Dell ≫ Precision 5540 Version-

Dell ≫ Precision 5550 Firmware Version < 1.6.1

Dell ≫ Precision 5550 Version-

Dell ≫ Precision 5750 Firmware Version < 1.6.3

Dell ≫ Precision 5750 Version-

Dell ≫ Precision 7540 Firmware Version < 1.11.2

Dell ≫ Precision 7540 Version-

Dell ≫ Precision 7550 Firmware Version < 1.6.2

Dell ≫ Precision 7550 Version-

Dell ≫ Precision 7740 Firmware Version < 1.11.2

Dell ≫ Precision 7740 Version-

Dell ≫ Precision 7750 Firmware Version < 1.6.2

Dell ≫ Precision 7750 Version-

Dell ≫ Vostro 3401 Firmware Version < 1.1.0

Dell ≫ Vostro 3401 Version-

Dell ≫ Vostro 3491 Firmware Version < 1.12.0

Dell ≫ Vostro 3491 Version-

Dell ≫ Vostro 3501 Firmware Version < 1.1.0

Dell ≫ Vostro 3501 Version-

Dell ≫ Vostro 3591 Firmware Version < 1.12.0

Dell ≫ Vostro 3591 Version-

Dell ≫ Vostro 3681 Firmware Version < 1.3.1

Dell ≫ Vostro 3681 Version-

Dell ≫ Vostro 3881 Firmware Version < 1.3.1

Dell ≫ Vostro 3881 Version-

Dell ≫ Vostro 3888 Firmware Version < 1.3.1

Dell ≫ Vostro 3888 Version-

Dell ≫ Vostro 5490 Firmware Version < 1.12.0

Dell ≫ Vostro 5490 Version-

Dell ≫ Vostro 5590 Firmware Version < 1.12.0

Dell ≫ Vostro 5590 Version-

Dell ≫ Vostro 7500 Firmware Version < 1.5.1

Dell ≫ Vostro 7500 Version-

Dell ≫ Vostro 7590 Firmware Version < 1.8.0

Dell ≫ Vostro 7590 Version-

Dell ≫ Wyse 5470 Firmware Version < 1.6.0

Dell ≫ Wyse 5470 Version-

Dell ≫ Xps 13 9300 Firmware Version < 1.4.1

Dell ≫ Xps 13 9300 Version-

Dell ≫ Xps 13 9380 Firmware Version < 1.12.0

Dell ≫ Xps 13 9380 Version-

Dell ≫ Xps 17 9700 Firmware Version < 1.6.3

Dell ≫ Xps 17 9700 Version-

Dell ≫ Xps 7380 Firmware Version < 1.7.0

Dell ≫ Xps 7380 Version-

Dell ≫ Xps 7590 Firmware Version < 1.9.1

Dell ≫ Xps 7590 Version-

Dell ≫ Xps 7390 2-in-1 Firmware Version < 1.7.1

Dell ≫ Xps 7390 2-in-1

Dell ≫ Xps 9500 Firmware Version < 1.6.1

Dell ≫ Xps 9500

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.088

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C
security_alert@emc.com	7.5	0.8	6	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.dell.com/support/kbdoc/000191495/

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-36283

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-36283

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-36283

EUVD