Description

Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

Related CPE's

o

dell

alienware_m15_r5_firmware

Vulnerable

h

dell

alienware_m15_r5

-

o

dell

g15_5515_firmware

Vulnerable

h

dell

g15_5515

-

o

dell

g5_se_5505_firmware

Vulnerable

h

dell

g5_se_5505

-

o

dell

inspiron_27_7775_firmware

Vulnerable

h

dell

inspiron_27_7775

-

o

dell

inspiron_14_5425_firmware

Vulnerable

h

dell

inspiron_14_5425

-

o

dell

inspiron_3275_firmware

Vulnerable

h

dell

inspiron_3275

-

o

dell

inspiron_3475_firmware

Vulnerable

h

dell

inspiron_3475

-

o

dell

inspiron_3180_firmware

Vulnerable

h

dell

inspiron_3180

-

o

dell

inspiron_3185_firmware

Vulnerable

h

dell

inspiron_3185

-

o

dell

inspiron_3195_firmware

Vulnerable

h

dell

inspiron_3195

-

o

dell

inspiron_3505_firmware

Vulnerable

h

dell

inspiron_3505

-

o

dell

inspiron_3515_firmware

Vulnerable

h

dell

inspiron_3515

-

o

dell

inspiron_3525_firmware

Vulnerable

h

dell

inspiron_3525

-

o

dell

inspiron_3585_firmware

Vulnerable

h

dell

inspiron_3585

-

o

dell

inspiron_3595_firmware

Vulnerable

h

dell

inspiron_3595

-

o

dell

inspiron_3785_firmware

Vulnerable

h

dell

inspiron_3785

-

o

dell

inspiron_5405_firmware

Vulnerable

h

dell

inspiron_5405

-

o

dell

inspiron_5415_firmware

Vulnerable

h

dell

inspiron_5415

-

o

dell

inspiron_5415_all-in-one_firmware

Vulnerable

h

dell

inspiron_5415_all-in-one

-

o

dell

inspiron_5485_firmware

Vulnerable

h

dell

inspiron_5485

-

o

dell

inspiron_5505_firmware

Vulnerable

h

dell

inspiron_5505

-

o

dell

inspiron_5515_firmware

Vulnerable

h

dell

inspiron_5515

-

o

dell

inspiron_5575_firmware

Vulnerable

h

dell

inspiron_5575

-

o

dell

inspiron_5585_firmware

Vulnerable

h

dell

inspiron_5585

-

o

dell

inspiron_7375_firmware

Vulnerable

h

dell

inspiron_7375

-

o

dell

inspiron_7405_firmware

Vulnerable

h

dell

inspiron_7405

-

o

dell

inspiron_7415_firmware

Vulnerable

h

dell

inspiron_7415

-

o

dell

inspiron_7425_firmware

Vulnerable

h

dell

inspiron_7425

-

o

dell

vostro_3405_firmware

Vulnerable

h

dell

vostro_3405

-

o

dell

vostro_3515_firmware

Vulnerable

h

dell

vostro_3515

-

o

dell

vostro_3525_firmware

Vulnerable

h

dell

vostro_3525

-

o

dell

vostro_5415_firmware

Vulnerable

h

dell

vostro_5415

-

o

dell

vostro_5515_firmware

Vulnerable

h

dell

vostro_5515

-

o

dell

vostro_5625_firmware

Vulnerable

h

dell

vostro_5625

-

References

https://www.dell.com/support/kbdoc/en-us/000200568/dsa-2022-096

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-20

[email protected]

Secondary
CWE-20

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-06-23T18:15:07.943

3 years ago

Last modified

2022-06-30T15:32:05.580

3 years ago