Codebreaker1337

**Name of the Vulnerable Software and Affected Versions** Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2 **Description** The issue is related to an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. **Recommendations** For Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, update to version 2.22.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2 **Description** The issue is related to an Improper Input Validation vulnerability. A high-privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. **Recommendations** For Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, update to version 2.22.2 or later to resolve the issue. As a temporary workaround, consider restricting local access to the system to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Dell BIOS versions prior to 1.26.0 Dell BIOS versions prior to 1.35.0 Dell BIOS versions prior to 2.32.0 **Description** The issue is related to an Improper Input Validation vulnerability in an externally developed component of Dell BIOS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to code execution. **Recommendations** For versions prior to 1.26.0, upgrade to version 1.26.0 or later to mitigate the risk. For versions prior to 1.35.0, upgrade to version 1.35.0 or later to mitigate the risk. For versions prior to 2.32.0, upgrade to version 2.32.0 or later to mitigate the risk.

**Name of the Vulnerable Software and Affected Versions** Dell PowerEdge Platform, 14G Intel BIOS versions prior to 2.22.x **Description** The issue is related to an Access of Memory Location After End of Buffer vulnerability in the Dell PowerEdge Platform's 14G Intel BIOS. This vulnerability could be exploited by a low-privileged attacker with local access, potentially leading to information disclosure. The vulnerability is associated with writing data beyond the boundaries of a buffer in memory. **Recommendations** For Dell PowerEdge Platform, 14G Intel BIOS versions prior to 2.22.x, update to version 2.22.x or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dell PowerEdge Platform, 14G Intel BIOS versions prior to 2.22.x **Description** The issue is related to insufficient input validation in the BIOS software of Dell PowerEdge servers. This could allow an attacker with high privileges and local access to potentially disclose protected information. **Recommendations** For versions prior to 2.22.x, update to version 2.22.x or later to resolve the issue. As a temporary workaround, consider restricting local access to the system to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Dell PowerEdge Server BIOS (affected versions not specified) Dell Precision Rack BIOS (affected versions not specified) **Description** The issue is related to a flaw in the verification of the SMM communication buffer, which could allow an attacker to write arbitrary data to the System Management RAM (SMRAM). This could be exploited by a local, low-privileged attacker. **Recommendations** For Dell PowerEdge Server BIOS, update to a version that fixes the improper SMM communication buffer verification issue. For Dell Precision Rack BIOS, update to a version that fixes the improper SMM communication buffer verification issue. As a temporary workaround, consider restricting access to the SMM communication buffer to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Dell PowerEdge Server BIOS (affected versions not specified) Dell Precision Rack BIOS (affected versions not specified) **Description** The issue is related to an improper parameter initialization, which could be exploited by a local low privileged attacker to read the contents of non-SMM stack memory. This is also described as a buffer overflow in memory, allowing unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dell PowerEdge Server BIOS versions (affected versions not specified) Dell Precision Rack BIOS versions (affected versions not specified) **Description** The issue is related to an improper parameter initialization vulnerability in the BIOS software of Dell PowerEdge servers and Dell Precision Rack workstations. This vulnerability can be exploited by a local low-privileged attacker to potentially read the contents of non-SMM stack memory, allowing unauthorized access to protected information. **Recommendations** For Dell PowerEdge Server BIOS, update to a version that fixes the improper parameter initialization vulnerability. For Dell Precision Rack BIOS, update to a version that fixes the improper parameter initialization vulnerability. As a temporary workaround, consider restricting access to sensitive information and limiting privileges to minimize the risk of exploitation.