Dell Precision Tower 3620

Updating the system firmware improves performance.

Atom Feed

Version 2.32.0
2024-08-13 01:12:35

Fixes & Enhancements

  • This release contains security updates as disclosed in the Dell Security Advisory.

Urgency medium
Reported Success 86% (low confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.31.0
2024-07-22 03:25:29

Fixes & Enhancements

  • This release contains security updates as disclosed in the Dell Security Advisory.

Urgency medium
Reported Success 94% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.30.0
2024-05-14 05:26:09

Fixes & Enhancements

  • Fixed the issue where some dots are displayed in the Enter old password field after you change the hard drive or solid state drive password.

Urgency medium
Reported Success 100% (high confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.29.0
2024-04-17 02:35:58

"Fixes & Enhancements

  • This release contains security updates as disclosed in the Dell Security Advisory.

Urgency medium
Reported Success 100% (medium confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.28.0
2024-02-05 08:43:20

"Fixes & Enhancements

  • This release contains security updates as disclosed in the Dell Security Advisory.

Urgency medium
Reported Success 100% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.26.0
2023-09-12 08:51:20

"Fixes & Enhancements

  • This release contains security updates as disclosed in the Dell Security Advisories.

Urgency high
Reported Success 99% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.25.0
2023-05-15 07:09:13

This release contains security updates as disclosed in the Dell Security Advisories.

Urgency high
Reported Success 98% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.24.0
2022-12-23 07:28:33

This package contains the Dell system BIOS update.BIOS is a firmware package that is embedded on a small memory chip on the system board.

It controls the keyboard, monitor, disk drives, and other devices.This update addresses Common Vulnerabilities and Exposures (CVE).

Common Vulnerabilities and Exposures (CVE) is a list of security vulnerabilities and exposures that are publicly disclosed.

Urgency critical
Reported Success 96% (high confidence)
Fixed issues:
  • CVE-2022-40262

    A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: S3Resume2Pei SHA256: 7bb29f05534a8a1e010443213451425098faebd45948a4642db969b19d0253fc Module GUID: 89E549B0-7CFE-449D-9BA3-10D8B2312D71

  • CVE-2017-5715

    Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

  • CVE-2022-27497

    Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2022-29893

    Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access.

  • CVE-2022-26845

    Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

  • CVE-2022-34463
  • CVE-2022-33159
  • CVE-2022-34398
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.23.0
2022-11-16 02:02:34

This package contains the Dell system BIOS update.BIOS is a firmware package that is embedded on a small memory chip on the system board.It controls the keyboard, monitor, disk drives, and other devices.

This update addresses Common Vulnerabilities and Exposures (CVE).Common Vulnerabilities and Exposures (CVE) is a list of security vulnerabilities and exposures that are publicly disclosed.

Urgency critical
Reported Success 100% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.22.0
2022-08-18 06:16:08

"This package contains the Dell system BIOS update.BIOS is a firmware package that is embedded on a small memory chip on the system board.It controls the keyboard, monitor, disk drives, and other devices.This update addresses Common Vulnerabilities and Exposures (CVE).

Common Vulnerabilities and Exposures (CVE) is a list of security vulnerabilities and exposures that are publicly disclosed.

Fixes & Enhancements

  • Firmware updates to address security vulnerabilities including (Common Vulnerabilities and Exposures - CVE)

Urgency critical
Reported Success 100% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.21.0
2022-05-18 10:32:23

This package contains the Dell system BIOS update.BIOS is a firmware package that is embedded on a small memory chip on the system board.It controls the keyboard, monitor, disk drives, and other devices.T

This update addresses Common Vulnerabilities and Exposures (CVE).Common Vulnerabilities and Exposures (CVE) is a list of security vulnerabilities and exposures that are publicly disclosed.

Urgency critical
Reported Success 100% (medium confidence)
Fixed issues:
  • CVE-2022-21166

    Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21127

    Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21125

    Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21123

    Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-0004

    Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2022-0005

    Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.

  • CVE-2022-21151

    Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.18.1
2021-09-03 01:11:40

This package contains the Dell system BIOS update.BIOS is a firmware package that is embedded on a small memory chip on the system board.It controls the keyboard, monitor, disk drives, and other devices.

Fixes & Enhancements

  • Fixed the issue where the customized logo and product name are removed when you upgrade the BIOS and change the BIOS to its default settings.
  • Firmware updates to address security vulnerabilities.

Urgency high
Reported Success 98% (high confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.18.0
2021-08-02 03:11:37

Fixes & Enhancements

Fixes:- Firmware updates to address the Intel Security Advisory INTEL SA 00459 (CVE 2020 24507 and CVE 2020 8703).

  • Firmware updates to address the Intel Security Advisory INTEL SA 00464 (CVE 2020 24512).
  • Firmware updates to address security vulnerabilities.

Urgency high
Reported Success 100% (medium confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.17.1
2021-03-11 06:34:38

This stable release fixes the following issues:

  • BIOS security update.

Urgency critical
Reported Success 97% (high confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.16.2
2021-01-15 13:28:50

This stable release fixes the following issues:

  • BIOS security update.

Urgency critical
Reported Success 100% (medium confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.15.0
2020-06-17 01:19:50

This stable release fixes the following issues:

  • Security update

Urgency critical
Reported Success 99% (high confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.13.1
2019-07-03 07:20:42

This stable release fixes the following issues:

  • Fixed the issue where the mSATA hard drive password cannot be set with Dell Command Configure tool.
  • Fixed an issue with Secure Boot Option ROM Signature Verification.
  • Firmware updates to address security advisories INTEL-SA-00185and INTEL-SA-00191

Urgency critical
Reported Success 96% (medium confidence)
Fixed issues:
  • CVE-2018-12203

    Denial of service vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation Intel Core Processor, 7th Generation Intel Core Processor may allow privileged user to potentially execute arbitrary code via local access.

  • CVE-2018-12201

    Buffer overflow vulnerability in Platform Sample / Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor, Intel(R) Pentium(R) Silver J5005 Processor, Intel(R) Pentium(R) Silver N5000 Processor, Intel(R) Celeron(R) J4105 Processor, Intel(R) Celeron(R) J4005 Processor, Intel Celeron(R) N4100 Processor and Intel(R) Celeron N4000 Processor may allow privileged user to potentially execute arbitrary code via local access.

  • CVE-2018-12185

    Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

  • CVE-2018-12191

    Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

  • CVE-2018-12190

    Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2018-12188

    Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.

  • CVE-2018-12196

    Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.

  • CVE-2018-12187

    Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.

  • CVE-2018-12200

    Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access.

  • CVE-2018-12198

    Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access.

  • CVE-2018-12199

    Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.

  • CVE-2018-12192

    Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.12.0
2019-03-22 03:10:24

Fixes and Enhancements:

  • Fixed the issue where the mSATA hard drive password cannot be set with Dell Command Configure tool.
  • Fixed an issue with Secure Boot Option ROM Signature Verification.
  • Firmware updates to address security advisory INTEL-SA-00185
  • Firmware updates to address security advisories INTEL-SA-00191

Urgency critical
Reported Success 70% (low confidence)
Fixed issues:
  • CVE-2018-12203

    Denial of service vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation Intel Core Processor, 7th Generation Intel Core Processor may allow privileged user to potentially execute arbitrary code via local access.

  • CVE-2018-12201

    Buffer overflow vulnerability in Platform Sample / Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor, Intel(R) Pentium(R) Silver J5005 Processor, Intel(R) Pentium(R) Silver N5000 Processor, Intel(R) Celeron(R) J4105 Processor, Intel(R) Celeron(R) J4005 Processor, Intel Celeron(R) N4100 Processor and Intel(R) Celeron N4000 Processor may allow privileged user to potentially execute arbitrary code via local access.

  • CVE-2018-12185

    Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

  • CVE-2018-12196

    Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.

  • CVE-2018-12187

    Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.

  • CVE-2018-12200

    Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access.

  • CVE-2018-12198

    Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access.

  • CVE-2018-12199

    Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.

  • CVE-2018-12192

    Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.

  • CVE-2018-12191

    Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

  • CVE-2018-12190

    Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2018-12188

    Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.11.2
2018-11-29 01:49:38

Major fixes:

  • Fixed the issue with data wipe feature in BIOS.
  • Fixed system might not be able to boot to OS for certain Bios boot mode and SATA mode combination settings.
  • Fixed a potential issue with binary image measurement using the Linux UEFI shim boot loader.
  • Fixed a potential system hang issue when an incorrectly formatted password is entered at the BIOS Security Manager (BIOS pre-boot password) prompt.
  • Updated Intel ME Firmware to address security advisories INTEL-SA-00125, Intel-SA-00131 & INTEL-SA-00141.

Enhancements:

  • Added "PPI Bypass for Clear Command" option in TPM page of BIOS setup.

Urgency high
Reported Success 100% (low confidence)
Fixed issues:
  • CVE-2018-3616

    Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.

  • CVE-2018-3658

    Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.

  • CVE-2018-3657

    Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.

  • CVE-2018-3644
  • CVE-2018-3643

    A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

  • CVE-2018-3655

    A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.11.1
2018-09-19 01:31:19

Fixes: - N/A Enhancements: - Added "PPI Bypass for Clear Command" option in TPM page of BIOS setup.

Urgency medium
Reported Success 85% (low confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.11.0
2018-09-03 08:55:46

This stable release fixes the following issues:

  • Fixed system might not be able to boot to OS for certain Bios boot mode and SATA mode combination settings.
  • Fixed a potential issue with binary image measurement using the Linux UEFI shim boot loader.
  • Fixed a potential system hang issue when an incorrectly formatted password is entered at the BIOS Security Manager (BIOS pre-boot password) prompt
  • Updated Intel ME Firmware to address security advisories INTEL-SA-00125, Intel-SA-00131 & INTEL-SA-00141.

Urgency critical
Reported Success 75% (low confidence)
Fixed issues:
  • CVE-2018-3616

    Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.

  • CVE-2018-3658

    Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.

  • CVE-2018-3657

    Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.

  • CVE-2018-3643

    A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

  • CVE-2018-3644
  • CVE-2018-3655

    A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.10.2
2018-07-10 03:51:00

Urgency unknown
Reported Success 100% (low confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.8.1
2018-06-14 07:55:15

Urgency unknown
Reported Success 100% (low confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.3.5
2017-08-22 01:38:09

Urgency None
Reported Success 100% (low confidence)
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 2.3.1 — not be suitable for production systems
2017-06-22 03:00:24

Updated Intel ME Firmware to address security advisory INTEL-SA-00075

Urgency critical
Fixed issues:
  • CVE-2017-5689

    An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

  • VU#491375

    Intel Active Management Technology (AMT) does not properly enforce access control
Licenses
Security
Release Gating
Download Archive Firmware Details

LVFS © 2015 Richard Hughes with icons from Font Awesome and GeoIP data from IP2Location.

Linux Vendor Firmware Service Project a Series of LF Projects, LLC :: Charter