Vulnerability Description
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Precision 5820 Tower Firmware | < 2.12.1 |
| Dell | Precision 5820 Tower | - |
| Dell | Precision 7510 Firmware | < 1.24.3 |
| Dell | Precision 7510 | - |
| Dell | Precision 7520 Firmware | < 1.22.0 |
| Dell | Precision 7520 | - |
| Dell | Precision 7530 Firmware | < 1.18.2 |
| Dell | Precision 7530 | - |
| Dell | Precision 7540 Firmware | < 1.15.1 |
| Dell | Precision 7540 | - |
| Dell | Precision 7550 Firmware | < 1.10.1 |
| Dell | Precision 7550 | - |
| Dell | Precision 7560 Firmware | < 1.5.0 |
| Dell | Precision 7560 | - |
| Dell | Precision 7710 Firmware | < 1.24.3 |
| Dell | Precision 7710 | - |
| Dell | Precision 7720 Firmware | < 1.22.0 |
| Dell | Precision 7720 | - |
| Dell | Precision 7730 Firmware | < 1.18.2 |
| Dell | Precision 7730 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000193321/dsa-2021-240Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000193321/dsa-2021-240Vendor Advisory
FAQ
What is CVE-2021-36343?
CVE-2021-36343 is a vulnerability with a CVSS score of 7.5 (HIGH). Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...
How severe is CVE-2021-36343?
CVE-2021-36343 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-36343?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Precision 5820 Tower Firmware, Dell Precision 5820 Tower, Dell Precision 7510 Firmware, Dell Precision 7510, Dell Precision 7520 Firmware.