CVE-2022-34393 | Severity.io

Description

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Related CPE's

g5_se_5505_firmware

Vulnerable

inspiron_27_7775_firmware

Vulnerable

inspiron_27_7775

inspiron_3180_firmware

Vulnerable

inspiron_3185_firmware

Vulnerable

inspiron_3195_2-in-1_firmware

Vulnerable

inspiron_3195_2-in-1

inspiron_3275_firmware

Vulnerable

inspiron_3475_firmware

Vulnerable

inspiron_3505_firmware

Vulnerable

inspiron_3515_firmware

Vulnerable

inspiron_3585_firmware

Vulnerable

inspiron_3595_firmware

Vulnerable

inspiron_3785_firmware

Vulnerable

inspiron_5405_firmware

Vulnerable

inspiron_5415_firmware

Vulnerable

inspiron_5485_firmware

Vulnerable

inspiron_5485_2-in-1_firmware

Vulnerable

inspiron_5485_2-in-1

inspiron_5505_firmware

Vulnerable

inspiron_5515_firmware

Vulnerable

inspiron_5585_firmware

Vulnerable

inspiron_7375_firmware

Vulnerable

inspiron_7405_2-in-1_firmware

Vulnerable

inspiron_7405_2-in-1

inspiron_7415_firmware

Vulnerable

vostro_3405_firmware

Vulnerable

vostro_3515_firmware

Vulnerable

vostro_5415_firmware

Vulnerable

vostro_5515_firmware

Vulnerable

References

https://www.dell.com/support/kbdoc/000204686

Vendor Advisory

https://www.dell.com/support/kbdoc/000204686

Vendor Advisory

Weaknesses

[email protected]

Secondary

CWE-20

[email protected]

Primary

CWE-20

CVSS impact metrics

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

7.5 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-18T05:15:11.413Z

3 years ago

Last modified

2024-11-21T06:09:25.563Z

1 year ago