Lucene search

[email protected]NVD:CVE-2022-34400

HistoryFeb 01, 2023 - 5:15 a.m.

CVE-2022-34400

2023-02-0105:15:12

CWE-122

CWE-787

[email protected]

web.nvd.nist.gov

dell bios

buffer overflow

admin privileges

smram

smm

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.

Affected configurations

NVD

Node

dellalienware_m15_r6_firmwareRange<1.17.0

AND

dellalienware_m15_r6Match-

Node

dellalienware_m15_r7_firmwareRange<1.4.3

AND

dellalienware_m15_r7Match-

Node

dellalienware_m15_ryzen_edition_r5_firmwareRange<1.8.0

AND

dellalienware_m15_ryzen_edition_r5Match-

Node

dellalienware_m17_r5_amd_firmwareRange<1.4.3

AND

dellalienware_m17_r5_amdMatch-

Node

dellg15_5510_firmwareRange<1.16.0

AND

dellg15_5510Match-

Node

dellg15_5511_firmwareRange<1.18.0

AND

dellg15_5511Match-

Node

dellg15_5515_firmwareRange<1.8.0

AND

dellg15_5515Match-

Node

dellg15_5525_firmwareRange<1.4.3

AND

dellg15_5525Match-

Node

dellg5_se_5505_firmwareRange<1.13.0

AND

dellg5_se_5505Match-

Node

dellinspiron_14_5410_2-in-1_firmwareRange<2.15.2

AND

dellinspiron_14_5410_2-in-1Match-

Node

dellinspiron_15_3511_firmwareRange<1.18.2

AND

dellinspiron_15_3511Match-

Node

dellinspiron_3195_2-in-1_firmwareRange<1.6.0

AND

dellinspiron_3195_2-in-1Match-

Node

dellinspiron_3275_firmwareRange<1.9.2

AND

dellinspiron_3275Match-

Node

dellinspiron_3475_firmwareRange<1.9.2

AND

dellinspiron_3475Match-

Node

dellinspiron_3505_firmwareRange<1.9.0

AND

dellinspiron_3505Match-

Node

dellinspiron_3515_firmwareRange<1.9.0

AND

dellinspiron_3515Match-

Node

dellinspiron_3525_firmwareRange<1.5.0

AND

dellinspiron_3525Match-

Node

dellinspiron_3585_firmwareRange<1.10.0

AND

dellinspiron_3585Match-

Node

dellinspiron_3595_firmwareRange<1.5.0

AND

dellinspiron_3595Match-

Node

dellinspiron_3785_firmwareRange<1.10.0

AND

dellinspiron_3785Match-

Node

dellinspiron_3891_firmwareRange<1.12.0

AND

dellinspiron_3891Match-

Node

dellinspiron_5310_firmwareRange<2.15.0

AND

dellinspiron_5310Match-

Node

dellinspiron_5405_firmwareRange<1.9.0

AND

dellinspiron_5405Match-

Node

dellinspiron_5410_firmwareRange<2.14.0

AND

dellinspiron_5410Match-

Node

dellinspiron_5415_firmwareRange<1.13.0

AND

dellinspiron_5415Match-

Node

dellinspiron_5425_firmwareRange<1.5.0

AND

dellinspiron_5425Match-

Node

dellinspiron_5485_firmwareRange<2.11.0

AND

dellinspiron_5485Match-

Node

dellinspiron_5485_2-in-1_firmwareRange<2.11.0

AND

dellinspiron_5485_2-in-1Match-

Node

dellinspiron_5505_firmwareRange<1.9.0

AND

dellinspiron_5505Match-

Node

dellinspiron_5510_firmwareRange<2.15.2

AND

dellinspiron_5510Match-

Node

dellinspiron_5515_firmwareRange<1.13.0

AND

dellinspiron_5515Match-

Node

dellinspiron_5585_firmwareRange<2.11.0

AND

dellinspiron_5585Match-

Node

dellinspiron_7405_2-in-1_firmwareRange<1.10.1

AND

dellinspiron_7405_2-in-1Match-

Node

dellinspiron_7415_firmwareRange<1.13.0

AND

dellinspiron_7415Match-

Node

dellinspiron_7425_firmwareRange<1.5.0

AND

dellinspiron_7425Match-

Node

dellinspiron_7510_firmwareRange<1.12.0

AND

dellinspiron_7510Match-

Node

dellinspiron_7610_firmwareRange<1.12.0

AND

dellinspiron_7610Match-

Node

delllatitude_3320_firmwareRange<1.18.2

AND

delllatitude_3320Match-

Node

delllatitude_3420_firmwareRange<1.23.2

AND

delllatitude_3420Match-

Node

delllatitude_3520_firmwareRange<1.23.2

AND

delllatitude_3520Match-

Node

delllatitude_5320_firmwareRange<1.24.3

AND

delllatitude_5320Match-

Node

delllatitude_5420_firmwareRange<1.22.0

AND

delllatitude_5420Match-

Node

delllatitude_5520_firmwareRange<1.24.3

AND

delllatitude_5520Match-

Node

delllatitude_5521_firmwareRange<1.17.3

AND

delllatitude_5521Match-

Node

delllatitude_7320_firmwareRange<1.20.0

AND

delllatitude_7320Match-

Node

delllatitude_7320_detachable_firmwareRange<1.17.2

AND

delllatitude_7320_detachableMatch-

Node

delllatitude_7420_firmwareRange<1.20.0

AND

delllatitude_7420Match-

Node

delllatitude_7520_firmwareRange<1.20.0

AND

delllatitude_7520Match-

Node

delllatitude_9420_firmwareRange<1.16.2

AND

delllatitude_9420Match-

Node

delllatitude_9520_firmwareRange<1.17.0

AND

delllatitude_9520Match-

Node

delllatitude_rugged_5430_firmwareRange<1.12.0

AND

delllatitude_rugged_5430Match-

Node

delllatitude_rugged_7330_firmwareRange<1.12.0

AND

delllatitude_rugged_7330Match-

Node

delllatitude_5421_firmwareRange<1.15.0

AND

delllatitude_5421Match-

Node

delloptiplex_5090_firmwareRange<1.12.0

AND

delloptiplex_5090Match-

Node

delloptiplex_5490_all-in-one_firmwareRange<1.15.0

AND

delloptiplex_5490_all-in-oneMatch-

Node

delloptiplex_7090_tower_firmwareRange<1.12.0

AND

delloptiplex_7090_towerMatch-

Node

delloptiplex_7090_ultra_firmwareRange<1.15.0

AND

delloptiplex_7090_ultraMatch-

Node

delloptiplex_7090_aio_firmwareRange<1.15.0

AND

delloptiplex_7090_aioMatch-

Node

dellprecision_3450_firmwareRange<1.12.0

AND

dellprecision_3450Match-

Node

dellprecision_3560_firmwareRange<1.24.3

AND

dellprecision_3560Match-

Node

dellprecision_3561_firmwareRange<1.17.3

AND

dellprecision_3561Match-

Node

dellprecision_3650_tower_firmwareRange<1.16.0

AND

dellprecision_3650_towerMatch-

Node

dellprecision_5560_firmwareRange<1.15.2

AND

dellprecision_5560Match-

Node

dellprecision_5760_firmwareRange<1.15.2

AND

dellprecision_5760Match-

Node

dellprecision_7560_firmwareRange<1.16.0

AND

dellprecision_7560Match-

Node

dellprecision_7760_firmwareRange<1.16.0

AND

dellprecision_7760Match-

Node

dellvostro_3405_firmwareRange<1.9.0

AND

dellvostro_3405Match-

Node

dellvostro_3425_firmwareRange<1.5.0

AND

dellvostro_3425Match-

Node

dellvostro_3510_firmwareRange<1.18.2

AND

dellvostro_3510Match-

Node

dellvostro_3515_firmwareRange<1.9.0

AND

dellvostro_3515Match-

Node

dellvostro_3525_firmwareRange<1.5.0

AND

dellvostro_3525Match-

Node

dellvostro_3690_firmwareRange<1.12.0

AND

dellvostro_3690Match-

Node

dellvostro_3890_firmwareRange<1.12.0

AND

dellvostro_3890Match-

Node

dellvostro_5310_firmwareRange<2.15.0

AND

dellvostro_5310Match-

Node

dellvostro_5410_firmwareRange<2.15.2

AND

dellvostro_5410Match-

Node

dellvostro_5415_firmwareRange<1.13.0

AND

dellvostro_5415Match-

Node

dellvostro_5510_firmwareRange<2.15.2

AND

dellvostro_5510Match-

Node

dellvostro_5515_firmwareRange<1.13.0

AND

dellvostro_5515Match-

Node

dellvostro_5625_firmwareRange<1.5.0

AND

dellvostro_5625Match-

Node

dellvostro_5890_firmwareRange<1.12.0

AND

dellvostro_5890Match-

Node

dellvostro_7510_firmwareRange<1.12.0

AND

dellvostro_7510Match-

Node

dellxps_15_9510_firmwareRange<1.15.2

AND

dellxps_15_9510Match-

Node

dellxps_17_9710_firmwareRange<1.15.2

AND

dellxps_17_9710Match-

References

www.dell.com/support/kbdoc/en-us/000205716/dsa-2022-327

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2022-34400

prion1 cvelist1 cve1