All the vulnerabilites related to dell - inspiron_5775_firmware
Vulnerability from fkie_nvd
Published
2022-05-26 16:15
Modified
2024-11-21 06:50
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:dell_g5_5505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD50BEC6-2116-48A4-B058-F3DF4370828E",
"versionEndExcluding": "1.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:dell_g5_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B45D2E5A-2977-461A-B6A5-72FA4B7213C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_22-3275_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B07E995-E47B-4A4D-91CC-AEF14887DC2E",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_22-3275:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7338D5C2-45BA-4BC7-9742-3452FF58379E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_24-3475_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2A9062-94CC-4B3A-8A0E-D7E8346966E8",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_24-3475:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D868D5-1125-4F3C-A60E-5F2A6744FE08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_27_7775_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93B59A-403C-44DD-9102-984E4FE10E44",
"versionEndExcluding": "2.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_27_7775:-:*:*:*:*:*:*:*",
"matchCriteriaId": "773EB218-753B-44D8-92F2-F902E2BF7933",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3180_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86A5FD1A-B537-4FEF-B0D6-BC6A658A8B8D",
"versionEndExcluding": "1.4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3180:-:*:*:*:*:*:*:*",
"matchCriteriaId": "033EB741-AC21-472C-AE91-D58CAD9B7354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3185_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51586736-F6E0-4BF5-948C-252CBA506A0D",
"versionEndExcluding": "1.4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B547563E-6AB1-40DD-AA96-9B4D12CAED05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3195_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AD04459-B6A3-4C8C-99FD-90C92839C4A8",
"versionEndExcluding": "1.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F60A87A1-BF28-4426-92C8-F16B5B311496",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D86E59E6-E309-4811-B0F8-7DDD3E39ED93",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3137C79A-EE16-4B4E-95D8-6CF1E1E9A4CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "937ABBDA-4951-40D6-A954-16684C92AC03",
"versionEndExcluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC360757-EECE-40F5-8BA9-098F8F121C3B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3585_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5959EF8-8489-4359-B6ED-2BD70872DC3B",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3585:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52CE5DAC-381B-4B20-AD92-C427B0ECB4BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3595_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03080BE4-33E3-46E8-9E41-98BCCBBEC71D",
"versionEndExcluding": "1.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3595:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3F07F9-AAC0-4537-87A3-549595DF9669",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3785_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D639C63E-A4AF-4DC9-AF87-919CF14EC504",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0609B2B8-704B-4804-BE0B-FDE177FDBA83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "322292AB-8578-4CF8-8429-F0E38C003942",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED5439F-1A3C-4F5F-98C7-B2C471919477",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79168AE1-1C4B-4FF4-BAD3-B52F6A21F4AE",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1563D5D8-CD81-4EE5-AE6F-6939C353377B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5485_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAA98052-FA8D-41A7-A3EA-2A5C78AB4911",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5485:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D51C6DC-9838-411B-8D68-3AFE3C816CAC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66FBF0BA-8393-40A0-AB64-92BD5A628F4E",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84379684-0B62-44BB-A53E-04C95CA09ED5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9039DEC8-BEB3-4422-8FE5-E27F23721144",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05114EB-E200-4F8B-8D18-41AC80540F29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5575_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCEB5A0-0B36-43E6-AF4D-013DE8C5BF9D",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5575:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14F80F87-DDE1-456E-A35E-1408F0E8309B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5585_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DBD72E0-FDDC-4105-980E-E8190A26B190",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5585:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF54DE0B-E8CA-41B8-9610-800BE70DBC5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5675_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "801FC8A5-459D-4822-8D89-6A6A0E9D9014",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD70CCA8-6267-4C6D-94FC-03CBE34B2508",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5775_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C4D901-084C-49FB-B69F-1B3C2960B19A",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5775:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89A4EE5A-7E8E-4D18-A873-F8486F31A515",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7375_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E73D8A58-F885-4A20-AD00-18BE96D61D46",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7375:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F95AF04F-A204-4341-9765-A8B5000A1D35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84558A0E-CD55-4315-83C4-C9A90A9DC702",
"versionEndExcluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC3DAAF-5B9E-4EFC-A809-4BCB12D810A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB850B0-DE74-4AAA-BC61-317355264DFF",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "327A491D-EEEE-466E-98A8-1895C5A24996",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_3405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B56B87D2-E528-4704-BE72-7B20620BB997",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_3405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79142A75-EA84-4C9A-861B-0FF10E21450B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_3515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34B9B3E7-1F14-4671-A40F-DE09FB115CD4",
"versionEndExcluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_3515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2699C29-2162-4F2C-83AE-94BBB865885A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_5415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "325C8C31-1BCC-4036-94CA-1986687182D6",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_5415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC7AFBA-3492-44A7-9D78-51FD20C985F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_5515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "536E4991-87A0-4AA7-9668-FC3B81EBE2DC",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB96F99-DE8C-4344-BBB2-12AD92CE98A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM."
},
{
"lang": "es",
"value": "Dell BIOS contiene una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada. Un usuario local malicioso y autenticado puede explotar esta vulnerabilidad usando un SMI para conseguir la ejecuci\u00f3n de c\u00f3digo arbitrario durante el SMM"
}
],
"id": "CVE-2022-24418",
"lastModified": "2024-11-21T06:50:23.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-26T16:15:08.057",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-26 16:15
Modified
2024-11-21 06:50
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:dell_g5_5505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD50BEC6-2116-48A4-B058-F3DF4370828E",
"versionEndExcluding": "1.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:dell_g5_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B45D2E5A-2977-461A-B6A5-72FA4B7213C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_22-3275_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B07E995-E47B-4A4D-91CC-AEF14887DC2E",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_22-3275:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7338D5C2-45BA-4BC7-9742-3452FF58379E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_24-3475_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2A9062-94CC-4B3A-8A0E-D7E8346966E8",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_24-3475:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D868D5-1125-4F3C-A60E-5F2A6744FE08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_27_7775_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93B59A-403C-44DD-9102-984E4FE10E44",
"versionEndExcluding": "2.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_27_7775:-:*:*:*:*:*:*:*",
"matchCriteriaId": "773EB218-753B-44D8-92F2-F902E2BF7933",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3180_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86A5FD1A-B537-4FEF-B0D6-BC6A658A8B8D",
"versionEndExcluding": "1.4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3180:-:*:*:*:*:*:*:*",
"matchCriteriaId": "033EB741-AC21-472C-AE91-D58CAD9B7354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3185_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51586736-F6E0-4BF5-948C-252CBA506A0D",
"versionEndExcluding": "1.4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B547563E-6AB1-40DD-AA96-9B4D12CAED05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3195_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AD04459-B6A3-4C8C-99FD-90C92839C4A8",
"versionEndExcluding": "1.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F60A87A1-BF28-4426-92C8-F16B5B311496",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D86E59E6-E309-4811-B0F8-7DDD3E39ED93",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3137C79A-EE16-4B4E-95D8-6CF1E1E9A4CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "937ABBDA-4951-40D6-A954-16684C92AC03",
"versionEndExcluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC360757-EECE-40F5-8BA9-098F8F121C3B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3585_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5959EF8-8489-4359-B6ED-2BD70872DC3B",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3585:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52CE5DAC-381B-4B20-AD92-C427B0ECB4BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3595_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03080BE4-33E3-46E8-9E41-98BCCBBEC71D",
"versionEndExcluding": "1.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3595:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3F07F9-AAC0-4537-87A3-549595DF9669",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3785_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D639C63E-A4AF-4DC9-AF87-919CF14EC504",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0609B2B8-704B-4804-BE0B-FDE177FDBA83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "322292AB-8578-4CF8-8429-F0E38C003942",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED5439F-1A3C-4F5F-98C7-B2C471919477",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79168AE1-1C4B-4FF4-BAD3-B52F6A21F4AE",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1563D5D8-CD81-4EE5-AE6F-6939C353377B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5485_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAA98052-FA8D-41A7-A3EA-2A5C78AB4911",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5485:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D51C6DC-9838-411B-8D68-3AFE3C816CAC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66FBF0BA-8393-40A0-AB64-92BD5A628F4E",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84379684-0B62-44BB-A53E-04C95CA09ED5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9039DEC8-BEB3-4422-8FE5-E27F23721144",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05114EB-E200-4F8B-8D18-41AC80540F29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5575_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCEB5A0-0B36-43E6-AF4D-013DE8C5BF9D",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5575:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14F80F87-DDE1-456E-A35E-1408F0E8309B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5585_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DBD72E0-FDDC-4105-980E-E8190A26B190",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5585:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF54DE0B-E8CA-41B8-9610-800BE70DBC5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5675_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "801FC8A5-459D-4822-8D89-6A6A0E9D9014",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD70CCA8-6267-4C6D-94FC-03CBE34B2508",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5775_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C4D901-084C-49FB-B69F-1B3C2960B19A",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5775:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89A4EE5A-7E8E-4D18-A873-F8486F31A515",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7375_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E73D8A58-F885-4A20-AD00-18BE96D61D46",
"versionEndExcluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7375:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F95AF04F-A204-4341-9765-A8B5000A1D35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84558A0E-CD55-4315-83C4-C9A90A9DC702",
"versionEndExcluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC3DAAF-5B9E-4EFC-A809-4BCB12D810A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB850B0-DE74-4AAA-BC61-317355264DFF",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "327A491D-EEEE-466E-98A8-1895C5A24996",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_3405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B56B87D2-E528-4704-BE72-7B20620BB997",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_3405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79142A75-EA84-4C9A-861B-0FF10E21450B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_3515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34B9B3E7-1F14-4671-A40F-DE09FB115CD4",
"versionEndExcluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_3515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2699C29-2162-4F2C-83AE-94BBB865885A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_5415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "325C8C31-1BCC-4036-94CA-1986687182D6",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_5415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC7AFBA-3492-44A7-9D78-51FD20C985F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_5515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "536E4991-87A0-4AA7-9668-FC3B81EBE2DC",
"versionEndExcluding": "1.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB96F99-DE8C-4344-BBB2-12AD92CE98A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM."
},
{
"lang": "es",
"value": "Dell BIOS contiene una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada. Un usuario malicioso autenticado localmente puede explotar potencialmente esta vulnerabilidad usando una SMI para conseguir una ejecuci\u00f3n de c\u00f3digo arbitrario durante la SMM"
}
],
"id": "CVE-2022-24417",
"lastModified": "2024-11-21T06:50:22.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-26T16:15:07.987",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2022-24417
Vulnerability from cvelistv5
Published
2022-05-26 15:20
Modified
2024-09-16 20:27
Severity ?
EPSS score ?
Summary
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:13:55.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.10.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-26T15:20:19",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2022-05-12",
"ID": "CVE-2022-24417",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CPG BIOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.10.0"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2022-24417",
"datePublished": "2022-05-26T15:20:19.382956Z",
"dateReserved": "2022-02-04T00:00:00",
"dateUpdated": "2024-09-16T20:27:17.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24418
Vulnerability from cvelistv5
Published
2022-05-26 15:20
Modified
2024-09-17 02:27
Severity ?
EPSS score ?
Summary
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:13:55.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.10.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-26T15:20:20",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2022-05-12",
"ID": "CVE-2022-24418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CPG BIOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.10.0"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2022-24418",
"datePublished": "2022-05-26T15:20:20.811864Z",
"dateReserved": "2022-02-04T00:00:00",
"dateUpdated": "2024-09-17T02:27:23.157Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}