Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.
The product uses a mechanism that automatically optimizes code, e.g. to improve a characteristic such as performance, but the optimizations can have an unintended side effect that might violate an intended security assumption.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Alienware_m15_r6_firmware | Dell | * | 1.8.0 (excluding) |