Vulnerability Description
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Alienware 13 R3 Firmware | < 1.13.0 |
| Dell | Alienware 13 R3 | - |
| Dell | Alienware 15 R3 Firmware | < 1.13.0 |
| Dell | Alienware 15 R3 | - |
| Dell | Alienware 15 R4 Firmware | < 1.14.0 |
| Dell | Alienware 15 R4 | - |
| Dell | Alienware 17 R4 Firmware | < 1.13.0 |
| Dell | Alienware 17 R4 | - |
| Dell | Alienware 17 R5 Firmware | < 1.14.0 |
| Dell | Alienware 17 R5 | - |
| Dell | Alienware Area 51M R1 Firmware | < 1.15.1 |
| Dell | Alienware Area 51M R1 | - |
| Dell | Alienware Area 51M R2 Firmware | < 1.10.0 |
| Dell | Alienware Area 51M R2 | - |
| Dell | Alienware Aurora R11 Firmware | < 1.0.9 |
| Dell | Alienware Aurora R11 | - |
| Dell | Alienware Aurora R12 Firmware | < 1.1.7 |
| Dell | Alienware Aurora R12 | - |
| Dell | Alienware Aurora R7 Firmware | < 1.0.25 |
| Dell | Alienware Aurora R7 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000192967Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000192967Vendor Advisory
FAQ
What is CVE-2021-36325?
CVE-2021-36325 is a vulnerability with a CVSS score of 7.5 (HIGH). Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...
How severe is CVE-2021-36325?
CVE-2021-36325 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-36325?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Alienware 13 R3 Firmware, Dell Alienware 13 R3, Dell Alienware 15 R3 Firmware, Dell Alienware 15 R3, Dell Alienware 15 R4 Firmware.