Dell Latitude 5X01/Precision 3541

Updating the system firmware improves performance.

Atom Feed

Version 1.34.0
2024-09-18 03:01:20

This stable release fixes the following issues:

  • This release contains security updates as disclosed in the Dell Security Advisory.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.33.0
2024-08-19 05:48:40

This stable release fixes the following issues:

  • This release contains security updates as disclosed in the Dell Security Advisory.

Urgency critical
Reported Success 100% (low confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.31.0
2024-06-18 07:36:25

This stable release fixes the following issues:

  • This release contains security updates as disclosed in the Dell Security Advisory.

Urgency critical
Reported Success 100% (medium confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.30.0
2024-04-09 00:37:54

This stable release fixes the following issues:

  • This release contains security updates as disclosed in the Dell Security Advisory.

Urgency critical
Reported Success 100% (medium confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.29.0
2024-03-04 07:26:58

This stable release fixes the following issues:

  • This release contains security updates as disclosed in the Dell Security Advisories.

Urgency critical
Reported Success 100% (medium confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.28.0
2023-12-20 09:41:07

This stable release fixes the following issues:

  • This release contains security updates as disclosed in the Dell Security Advisories.

Urgency critical
Reported Success 98% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.27.0
2023-11-23 01:15:24

This stable release fixes the following issues:

  • This release contains security updates as disclosed in the Dell Security Advisory.

Urgency critical
Reported Success 100% (low confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.26.0
2023-08-23 01:52:43

This stable release fixes the following issues:

  • This release contains security updates as disclosed in the Dell Security Advisories.

Urgency critical
Reported Success 100% (medium confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.25.0
2023-05-15 03:44:03

This stable release fixes the following issues:

  • This release contains security updates as disclosed in the Dell Security Advisories.

Urgency critical
Reported Success 98% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.24.0
2023-02-18 03:13:55

This stable release fixes the following issues:

Some new functionality has also been added:

  • Firmware updates to address security vulnerabilities including (Common Vulnerabilities and Exposures - CVE)

Urgency critical
Reported Success 100% (medium confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.23.0
2022-10-27 12:10:51

This stable release fixes the following issues:

  • Firmware updates to address security vulnerabilities including (Common Vulnerabilities and Exposures - CVE)

Some new functionality has also been added:

Urgency critical
Reported Success 100% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.22.0
2022-09-20 07:37:16

This stable release fixes the following issues:

Some new functionality has also been added:

  • Improved the stability of the system.

Urgency high
Reported Success 100% (low confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.21.0
2022-08-18 09:13:49

This stable release fixes the following issues:

  • Firmware updates to address security vulnerabilities including (Common Vulnerabilities and Exposures - CVE).

Urgency critical
Reported Success 100% (low confidence)
Fixed issues:
  • CVE-2022-32493
  • CVE-2022-32491
  • CVE-2022-32489
  • CVE-2022-0778

    The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).

  • CVE-2022-32487
  • CVE-2022-32484
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.20.0
2022-06-27 06:21:36

This stable release fixes the following issues:

  • Firmware updates to address security vulnerabilities including (Common Vulnerabilities and Exposures).

Urgency critical
Reported Success 100% (low confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.19.1
2022-04-28 08:26:46

This stable release fixes the following issues:

  • Firmware updates to address security vulnerabilities.

Urgency critical
Reported Success 96% (medium confidence)
Fixed issues:
  • CVE-2021-33159

    Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2022-21181

    Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2022-21166

    Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21151

    Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21127

    Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21125

    Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21123

    Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-0005

    Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.

  • CVE-2022-0004

    Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.18.1
2022-03-24 08:10:07

Some new functionality has also been added:

  • Supports Dell Dock HD22Q.

Urgency high
Reported Success 100% (medium confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.17.0
2022-01-17 07:57:22

This stable release fixes the following issues:

  • Firmware updates to address security vulnerabilities.
  • Fixed the issue where TPM could not be initialized message is displayed after updating the Trusted Platform Module (TPM) firmware.
  • Fixed the issue where the customized logo and product name are removed when you upgrade the BIOS and change the BIOS to its default settings.
  • Fixed the issue where Hard Drive-Not Installed message is displayed in Dell SupportAssist Pre-Boot System Performance Check.This issue occurs in systems with M.2 solid state drives (SSDs).

Some new functionality has also been added:

  • Improved the system stability.
  • Supports Realtek RTL8153DD-CG Ethernet Interface Controller.

Urgency critical
Reported Success 100% (high confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.15.1
2021-11-16 07:22:38

This stable release fixes the following issues:

  • Firmware updates to address the Intel Security Advisory.
  • Firmware updates to address security vulnerabilities.

Urgency critical
Reported Success 100% (medium confidence)
Fixed issues:
  • CVE-2021-0157

    Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.14.0
2021-09-01 08:57:26

This stable release fixes the following issues:

-Fixed the issue where the cursor lags or does not respond in the McAfee Drive Encryption software login screen.

-Firmware updates to address security vulnerabilities

Some new functionality has also been added:

-Supports Realtek RTL8153DD-CG Ethernet Interface Controller

Urgency critical
Reported Success 100% (medium confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.13.0
2021-08-02 07:49:28

This stable release fixes the following issues:

  • Firmware updates to address security vulnerabilities.

Urgency critical
Reported Success 100% (medium confidence)
Fixed issues:
  • CVE-2020-12359

    Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2020-24512

    Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-24511

    Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-24516

    Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2020-24506

    Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2020-8703

    Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-24507

    Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.11.1
2021-02-25 06:35:02

This stable release fixes the following issues:

  • Firmware updates to address the Intel Technical Advisory.
  • Firmware updates to address the Intel Security Advisory.
  • Fixed the issue where the system stops responding when you restart the system after installing Intel Rapid Storage Technology driver.
  • Fixed the issue where the keyboard gives incorrect output of the # key.

Some new functionality has also been added:

  • Updated the Intel UEFI firmware.
  • Updated the Embedded Controller firmware.
  • Updated the Power Delivery firmware.
  • Updated the Intel Management Engine firmware.
  • Updated the Intel Micro Controller Unit firmware.

Urgency critical
Reported Success 100% (high confidence)
Fixed issues:
  • CVE-2020-8698

    Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-8696

    Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0593

    Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-0592

    Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.

  • CVE-2020-0591

    Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-0587

    Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-12356

    Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2020-12303

    Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

  • CVE-2020-8752

    Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access.

  • CVE-2020-8749

    Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

  • CVE-2020-8746

    Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2020-8755

    Race condition in subsystem for Intel(R) CSME versions before 12.0.70 and 14.0.45, Intel(R) SPS versions before E5_04.01.04.400 and E3_05.01.04.200 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2020-8747

    Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.

  • CVE-2020-8754

    Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • CVE-2020-8760

    Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-8756

    Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-8757

    Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-12355

    Intel's CVE.

  • VU#231329

    Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks

  • CVE-2020-26189
  • CVE-2020-8705

    Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.

  • CVE-2020-8745

    Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2020-8744

    Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-8753

    Out-of-bounds read in DHCP subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.10.1
2020-12-04 09:14:47

This stable release fixes the following issues:

  • Firmware updates to address the Intel Technical Advisory.
  • Fixed the issue where Key Mapping for Console Redirection BIOS error is displayed.

Some new functionality has also been added:

  • Updated the Embedded Control firmware.
  • Updated the BC Module firmware.

Urgency critical
Reported Success 100% (medium confidence)
Fixed issues:
  • CVE-2020-8758

    Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.9.1
2020-06-10 08:26:40

Fixed the issue where data wipe fails when the option RAID On is selected in SATA Operation in BIOS setup.This issue occurs on NVMe devices.

Fixed the issue where the system cannot detect Intel Software Guard Extensions (SGX) device with SGX enabled.

Corrected the embedded keyboard buffer value in the Extensible Firmware Interface (EFI) shell.

Updated the Intel Management Engine firmware.Updated the Intel CPU Microcode.Updated the Power Delivery firmware.Updated the Embedded Controller Engine firmware.Enhanced the thermal stability of the system.

Urgency critical
Reported Success 98% (high confidence)
Fixed issues:
  • CVE-2020-0529

    Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access.

  • CVE-2020-0528

    Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.

  • CVE-2020-8674

    Out-of-bounds Read (CWE-125) in DHCP component. A local network attacker can send a malicious Layer-2 DHCP packet that could lead to an unintended exposure of sensitive information on the target device. This is Intel's version of CVE-2020-11905

  • CVE-2020-0542

    Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

  • CVE-2020-0541

    Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-0540

    Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • CVE-2020-0539

    Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.

  • CVE-2020-0539

    Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.

  • CVE-2020-0538

    Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2020-0537

    Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privileged user to potentially enable denial of service via network access.

  • CVE-2020-0536

    Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • CVE-2020-0535

    Improper input validation in Intel(R) AMT versions before 11.8.76, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • CVE-2020-0534

    Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2020-0532

    Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.

  • CVE-2020-0531

    Improper input validation in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user to potentially enable information disclosure via network access.

  • CVE-2020-0549

    Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • VU#257161

    Treck Inc.designs and distributes software for real-time operating systems (RTOS) customers worldwide. Treck's sofware provide essential TCP/IP networking capability to these devices. Security researchers from JSOF have discovered a number of vulnerabilities that can have an impact on devices that have adopted Treck's embedded software to cause unexpected behavior and possibly further exploit these devices for nefarious purposes.

  • CVE-2020-0548

    Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0543

    Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.8.4
2020-05-29 00:33:24

  • Fixed the issue where the system stops responding on Dell logo when SMM Security mitigation and Secure Boot is enabled.
  • Fixed the issue where the system is not able to update the BIOS from BIOS Boot Menu with SMM Security Mitigation enabled.
  • Fixed the issue where the system sets default value of SupportAssist OS recovery to disable.
  • Fixed the issue where the Type-C port works from BIOS Boot Menu with external USB port disabled.

Enhancements:

  • Updated the Intel Management Engine firmware.
  • Updated the BIOS warning message that is displayed when an AC adapter with low wattage is connected to the system.
  • Updated the Enhanced Pre-Boot System Assessment (ePSA) firmware.

Urgency critical
Reported Success 100% (low confidence)
Fixed issues:
  • CVE-2020-5363

    Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Admin password. This could potentially allow an unauthorized actor, with physical access and/or OS administrator privileges to the device, to gain privileged access to the platform and the hard drive.

  • CVE-2019-14607

    Improper conditions check in multiple IntelĀ® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.

  • CVE-2019-11157

    Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access.

  • CVE-2019-14598

    Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.8.3
2020-04-10 05:38:05

Fixed the issue where the system stops responding on Dell logo when SMM Security mitigation and Secure Boot is enabled.

Fixed the issue where the system is not able to update the BIOS from BIOS Boot Menu with SMM Security Mitigation enabled.

Fixed the issue where the system sets default value of SupportAssist OS recovery to disable.

Fixed the issue where the Type-C port works from BIOS Boot Menu with external USB port disabled.

Updated the Intel Management Engine firmware.Updated the BIOS warning message that is displayed when an AC adapter with low wattage is connected to the system.Updated the Enhanced Pre-Boot System Assessment (ePSA) firmware.

Urgency high
Reported Success 100% (low confidence)
Fixed issues:
  • CVE-2019-11157

    Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access.

  • CVE-2019-14607

    Improper conditions check in multiple IntelĀ® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.

  • CVE-2019-14598

    Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.5.1
2019-09-25 09:45:19

Fixes & Enhancements

  • Fixed the issue where the system always boots to Rufus formatted USB drives instead of internal hard drive.
  • Fixed the issue where the LAN speed reduces after the system resumes from modern standby mode.
  • Removed the IpSec driver and application.
  • Fixed the issue where the operating system prompts for BitLocker Recovery key while booting.
  • Enhanced Lid Switch feature to control Lid function in BIOS setup.
  • Updated the Embedded Controller Engine firmware.
  • Updated the Intel Management Engine firmware.

Urgency high
Reported Success 100% (low confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.3.2
2019-08-27 14:22:39

Fixes & Enhancements

  • Enhanced the stability of the system.

Urgency low
Reported Success 100% (low confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.2.11
2019-06-27 07:14:42

Fixes and Enhancements :

  • Firmware updates to address security advisory INTEL-SA-00213
  • Firmware updates to address security advisories INTEL-SA-00233
  • Removed the pre-boot Intel RST Manager Optimized Defaults option.
  • Enhanced the compatibility of Jabra office headset when connected to Dell Docking Station WD19.
  • Updated Enhanced Pre-Boot System Assessment (ePSA) firmware.
  • Updated the Thermal Algorithm for performance.
  • Updated the Power Delivery firmware.
  • Updated the Embedded Controller Engine firmware.

Urgency low
Reported Success 100% (low confidence)
Fixed issues:
  • CVE-2019-11091

    Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

  • CVE-2018-12130

    Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

  • CVE-2018-12127

    Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

  • CVE-2018-12126

    Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

  • CVE-2019-0170

    Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2019-0153

    Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

  • CVE-2019-0098

    Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2019-0097

    Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.

  • CVE-2019-0096

    Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access.

  • CVE-2019-0094

    Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.

  • CVE-2019-0093

    Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2019-0092

    Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2019-0091

    Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.

  • CVE-2019-0086

    Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.

  • CVE-2019-0090

    Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.1.10
2019-06-27 08:03:23

Fixes and Enhancement

  • Fixed the issue where the BIOS Auto-Recovery function does not work when Secure Boot mode is enabled.
  • Fixed the issue where the BIOS Auto-Recovery option does not work with Intel Optane Memory H10.

Urgency low
Reported Success 100% (low confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.0.2
2019-06-27 08:04:20

initial release

Urgency low
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.0.1 — not be suitable for production systems
2019-04-17 09:30:16

initial release

Urgency low
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.0.0 — not be suitable for production systems
2019-04-08 14:14:06

Initial release of the BIOS

Urgency low
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 0.5.4 — not be suitable for production systems
2019-01-08 06:18:12

This stable release fixes the following issues:

  • BITS399064 [ITM 1_NB]Boot sequence be changed after changed SATA Operation from RAID to AHCI with NVMe SSD.
  • BITS401327 [DVT1_NB_MR_BH] Can't detect type c to HDMI/DP/VGA dongle after Flash BIOS 0.5.0.
  • BITS401461 [DVT1.0_NB] SUT cannot detect monitor on DA200/DA300.

Some new functionality has also been added:

  • BITS401600 TI 65982DD PD FW Release Update - 02.00.00.02.
  • Update Intel SIC to 7.0.51.41.
  • Update CRB to 034_DellTCG45_RC5141.

Urgency low
Licenses
Security
Release Gating
Download Archive Firmware Details

LVFS © 2015 Richard Hughes with icons from Font Awesome and GeoIP data from IP2Location.

Linux Vendor Firmware Service Project a Series of LF Projects, LLC :: Charter