cvelistv5 - cve-2022-34401

CVE-2022-34401 (GCVE-0-2022-34401)

Vulnerability from cvelistv5 – Published: 2023-01-18 05:51 – Updated: 2025-04-03 19:42

Summary

Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Assigner

dell

References

URL

Tags

https://www.dell.com/support/kbdoc/000204679

vendor-advisory

Impacted products

	Vendor	Product	Version
	Dell	CPG BIOS	Affected: 1.4.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T09:07:16.153Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/000204679"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-34401",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-02T16:22:25.615657Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T19:42:05.249Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CPG BIOS",
          "vendor": "Dell",
          "versions": [
            {
              "status": "affected",
              "version": "1.4.3"
            }
          ]
        }
      ],
      "datePublic": "2022-10-27T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cdiv\u003e\u003cdiv\u003eDell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.\u003c/div\u003e\u003c/div\u003e\n\n"
            }
          ],
          "value": "\nDell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.\n\n\n\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-18T05:51:09.851Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/000204679"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2022-34401",
    "datePublished": "2023-01-18T05:51:09.851Z",
    "dateReserved": "2022-06-23T18:55:17.099Z",
    "dateUpdated": "2025-04-03T19:42:05.249Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dell:alienware_m15_a6_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.4.3\", \"matchCriteriaId\": \"F6568990-B376-45EA-B56F-A03207A1AD61\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:alienware_m15_a6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37462389-91CB-4B5B-9412-180995860E37\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dell:alienware_m17_r5_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.4.3\", \"matchCriteriaId\": \"1B22D1FA-F68E-41B7-BCF2-D6E7AAF8D9B8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:alienware_m17_r5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E8A465D-8F53-49CB-9498-D2894CEE8264\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dell:g15_5525_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.4.3\", \"matchCriteriaId\": \"CCF400B8-885E-4E6D-B6A5-1A0329791FAE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:g15_5525:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68FD27D9-7C76-450C-8535-DE86FC006C46\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"\\nDell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.\\n\\n\\n\\n\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Dell BIOS contiene una vulnerabilidad de desbordamiento de b\\u00fafer en la regi\\u00f3n stack de la memoria. Un usuario malicioso autenticado local puede explotar esta vulnerabilidad utilizando un SMI para enviar una entrada mayor a la esperada a un par\\u00e1metro con el fin de obtener la ejecuci\\u00f3n de c\\u00f3digo arbitrario en SMRAM.\"}]",
      "id": "CVE-2022-34401",
      "lastModified": "2024-11-21T07:09:26.877",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security_alert@emc.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 6.0}]}",
      "published": "2023-01-18T06:15:11.493",
      "references": "[{\"url\": \"https://www.dell.com/support/kbdoc/000204679\", \"source\": \"security_alert@emc.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.dell.com/support/kbdoc/000204679\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security_alert@emc.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security_alert@emc.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-121\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-34401\",\"sourceIdentifier\":\"security_alert@emc.com\",\"published\":\"2023-01-18T06:15:11.493\",\"lastModified\":\"2024-11-21T07:09:26.877\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nDell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.\\n\\n\\n\\n\\n\\n\"},{\"lang\":\"es\",\"value\":\"Dell BIOS contiene una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. Un usuario malicioso autenticado local puede explotar esta vulnerabilidad utilizando un SMI para enviar una entrada mayor a la esperada a un par\u00e1metro con el fin de obtener la ejecuci\u00f3n de c\u00f3digo arbitrario en SMRAM.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:alienware_m15_a6_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.3\",\"matchCriteriaId\":\"F6568990-B376-45EA-B56F-A03207A1AD61\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:alienware_m15_a6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37462389-91CB-4B5B-9412-180995860E37\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:alienware_m17_r5_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.3\",\"matchCriteriaId\":\"1B22D1FA-F68E-41B7-BCF2-D6E7AAF8D9B8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:alienware_m17_r5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E8A465D-8F53-49CB-9498-D2894CEE8264\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:g15_5525_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.3\",\"matchCriteriaId\":\"CCF400B8-885E-4E6D-B6A5-1A0329791FAE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:g15_5525:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68FD27D9-7C76-450C-8535-DE86FC006C46\"}]}]}],\"references\":[{\"url\":\"https://www.dell.com/support/kbdoc/000204679\",\"source\":\"security_alert@emc.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.dell.com/support/kbdoc/000204679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.dell.com/support/kbdoc/000204679\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T09:07:16.153Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-34401\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-02T16:22:25.615657Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-02T16:22:32.379Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Dell\", \"product\": \"CPG BIOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.4.3\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2022-10-27T16:00:00.000Z\", \"references\": [{\"url\": \"https://www.dell.com/support/kbdoc/000204679\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\nDell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.\\n\\n\\n\\n\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\n\u003cdiv\u003e\u003cdiv\u003eDell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.\u003c/div\u003e\u003c/div\u003e\\n\\n\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-121\", \"description\": \"CWE-121: Stack-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"c550e75a-17ff-4988-97f0-544cde3820fe\", \"shortName\": \"dell\", \"dateUpdated\": \"2023-01-18T05:51:09.851Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-34401\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-03T19:42:05.249Z\", \"dateReserved\": \"2022-06-23T18:55:17.099Z\", \"assignerOrgId\": \"c550e75a-17ff-4988-97f0-544cde3820fe\", \"datePublished\": \"2023-01-18T05:51:09.851Z\", \"assignerShortName\": \"dell\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-XR3M-J4Q9-HQR4

Vulnerability from github – Published: 2023-01-18 06:31 – Updated: 2023-01-25 21:30

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-34401"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-18T06:15:00Z",
    "severity": "HIGH"
  },
  "details": "Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.",
  "id": "GHSA-xr3m-j4q9-hqr4",
  "modified": "2023-01-25T21:30:19Z",
  "published": "2023-01-18T06:31:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34401"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/000204679"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-34401

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-34401

Aliases

CVE-2022-34401

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-34401",
    "description": "Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.",
    "id": "GSD-2022-34401"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-34401"
      ],
      "details": "Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.",
      "id": "GSD-2022-34401",
      "modified": "2023-12-13T01:19:18.963966Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@dell.com",
        "ID": "CVE-2022-34401",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "CPG BIOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "1.4.3"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Dell"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-121",
                "lang": "eng",
                "value": "CWE-121: Stack-based Buffer Overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.dell.com/support/kbdoc/000204679",
            "refsource": "MISC",
            "url": "https://www.dell.com/support/kbdoc/000204679"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:dell:alienware_m15_a6_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.4.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:dell:alienware_m15_a6:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:dell:alienware_m17_r5_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.4.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:dell:alienware_m17_r5:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:dell:g15_5525_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.4.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:dell:g15_5525:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@dell.com",
          "ID": "CVE-2022-34401"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.dell.com/support/kbdoc/000204679",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.dell.com/support/kbdoc/000204679"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2023-10-18T18:12Z",
      "publishedDate": "2023-01-18T06:15Z"
    }
  }
}

FKIE_CVE-2022-34401

Vulnerability from fkie_nvd - Published: 2023-01-18 06:15 - Updated: 2024-11-21 07:09

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

References

	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/000204679	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.dell.com/support/kbdoc/000204679	Vendor Advisory

Impacted products

Vendor	Product	Version
dell	alienware_m15_a6_firmware	*
dell	alienware_m15_a6	-
dell	alienware_m17_r5_firmware	*
dell	alienware_m17_r5	-
dell	g15_5525_firmware	*
dell	g15_5525	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m15_a6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6568990-B376-45EA-B56F-A03207A1AD61",
              "versionEndExcluding": "1.4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m15_a6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37462389-91CB-4B5B-9412-180995860E37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:alienware_m17_r5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B22D1FA-F68E-41B7-BCF2-D6E7AAF8D9B8",
              "versionEndExcluding": "1.4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:alienware_m17_r5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E8A465D-8F53-49CB-9498-D2894CEE8264",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:g15_5525_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCF400B8-885E-4E6D-B6A5-1A0329791FAE",
              "versionEndExcluding": "1.4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:g15_5525:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD27D9-7C76-450C-8535-DE86FC006C46",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "\nDell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.\n\n\n\n\n\n"
    },
    {
      "lang": "es",
      "value": "Dell BIOS contiene una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. Un usuario malicioso autenticado local puede explotar esta vulnerabilidad utilizando un SMI para enviar una entrada mayor a la esperada a un par\u00e1metro con el fin de obtener la ejecuci\u00f3n de c\u00f3digo arbitrario en SMRAM."
    }
  ],
  "id": "CVE-2022-34401",
  "lastModified": "2024-11-21T07:09:26.877",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 6.0,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-18T06:15:11.493",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/000204679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/000204679"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2023-05408

Vulnerability from cnvd - Published: 2023-01-31

Title

Dell BIOS缓冲区溢出漏洞（CNVD-2023-05408）

Description

Dell BIOS是美国戴尔（Dell）公司的一个计算机主板上小型内存芯片上的嵌入式软件。 Dell BIOS SMI存在缓冲区溢出漏洞，本地攻击者可利用该漏洞提交特殊的请求，可在SMRAM中执行任意代码。

Severity

中

Patch Name

Dell BIOS缓冲区溢出漏洞（CNVD-2023-05408）的补丁

Patch Description

Dell BIOS是美国戴尔（Dell）公司的一个计算机主板上小型内存芯片上的嵌入式软件。 Dell BIOS SMI存在缓冲区溢出漏洞，本地攻击者可利用该漏洞提交特殊的请求，可在SMRAM中执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://www.dell.com/support/kbdoc/000204679

Reference

https://nvd.nist.gov/vuln/detail/CVE-2022-34401

Impacted products

Name
Dell BIOS

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-34401",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-34401"
    }
  },
  "description": "Dell BIOS\u662f\u7f8e\u56fd\u6234\u5c14\uff08Dell\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u8ba1\u7b97\u673a\u4e3b\u677f\u4e0a\u5c0f\u578b\u5185\u5b58\u82af\u7247\u4e0a\u7684\u5d4c\u5165\u5f0f\u8f6f\u4ef6\u3002\n\nDell BIOS SMI\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u53ef\u5728SMRAM\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://www.dell.com/support/kbdoc/000204679",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-05408",
  "openTime": "2023-01-31",
  "patchDescription": "Dell BIOS\u662f\u7f8e\u56fd\u6234\u5c14\uff08Dell\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u8ba1\u7b97\u673a\u4e3b\u677f\u4e0a\u5c0f\u578b\u5185\u5b58\u82af\u7247\u4e0a\u7684\u5d4c\u5165\u5f0f\u8f6f\u4ef6\u3002\r\n\r\nDell BIOS SMI\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u53ef\u5728SMRAM\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Dell BIOS\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2023-05408\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Dell BIOS"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-34401",
  "serverity": "\u4e2d",
  "submitTime": "2023-01-30",
  "title": "Dell BIOS\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2023-05408\uff09"
}

WID-SEC-W-2023-0108

Vulnerability from csaf_certbund - Published: 2023-01-17 23:00 - Updated: 2023-01-18 23:00

Summary

Dell BIOS: Mehrere Schwachstellen ermöglichen Codeausführung

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Das BIOS ist die Firmware bei IBM PC kompatiblen Computern.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Dell BIOS ausnutzen, um beliebigen Programmcode auszuführen.

Betroffene Betriebssysteme

- BIOS/Firmware

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das BIOS ist die Firmware bei IBM PC kompatiblen Computern.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Dell BIOS ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0108 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0108.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0108 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0108"
      },
      {
        "category": "external",
        "summary": "DSA-2022-291: Dell Client Security Update for Dell Client BIOS vom 2023-01-17",
        "url": "https://www.dell.com/support/kbdoc/de-de/000204679/dsa-2022-291-dell-client-security-update-for-dell-client-bios"
      },
      {
        "category": "external",
        "summary": "DSA-2022-278: Dell Client Security Update for Dell Client BIOS vom 2023-01-17",
        "url": "https://www.dell.com/support/kbdoc/de-de/000204686/dsa-2022-278-dell-client-security-update-for-dell-client-bios"
      }
    ],
    "source_lang": "en-US",
    "title": "Dell BIOS: Mehrere Schwachstellen erm\u00f6glichen Codeausf\u00fchrung",
    "tracking": {
      "current_release_date": "2023-01-18T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:41:38.050+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-0108",
      "initial_release_date": "2023-01-17T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-01-17T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-01-18T23:00:00.000+00:00",
          "number": "2",
          "summary": "Korrektur: Doppelte Referenz bereinigt"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell BIOS",
            "product": {
              "name": "Dell BIOS",
              "product_id": "T016637",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:bios:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-34460",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BIOS existieren mehrere Schwachstellen. Der Fehler besteht aufgrund mehrerer unsachgem\u00e4\u00dfer Eingabevalidierungen und eines Stack-basierten Puffer\u00fcberlaufs. Ein lokaler Angreifer mit bestimmten Privilegien kann diese Schwachstellen ausnutzen, indem er ein SMI benutzt, um beliebigen Code im SMRAM auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T016637"
        ]
      },
      "release_date": "2023-01-17T23:00:00.000+00:00",
      "title": "CVE-2022-34460"
    },
    {
      "cve": "CVE-2022-34401",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BIOS existieren mehrere Schwachstellen. Der Fehler besteht aufgrund mehrerer unsachgem\u00e4\u00dfer Eingabevalidierungen und eines Stack-basierten Puffer\u00fcberlaufs. Ein lokaler Angreifer mit bestimmten Privilegien kann diese Schwachstellen ausnutzen, indem er ein SMI benutzt, um beliebigen Code im SMRAM auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T016637"
        ]
      },
      "release_date": "2023-01-17T23:00:00.000+00:00",
      "title": "CVE-2022-34401"
    },
    {
      "cve": "CVE-2022-34393",
      "notes": [
        {
          "category": "description",
          "text": "In Dell BIOS existieren mehrere Schwachstellen. Der Fehler besteht aufgrund mehrerer unsachgem\u00e4\u00dfer Eingabevalidierungen und eines Stack-basierten Puffer\u00fcberlaufs. Ein lokaler Angreifer mit bestimmten Privilegien kann diese Schwachstellen ausnutzen, indem er ein SMI benutzt, um beliebigen Code im SMRAM auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T016637"
        ]
      },
      "release_date": "2023-01-17T23:00:00.000+00:00",
      "title": "CVE-2022-34393"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-34401 (GCVE-0-2022-34401)

GHSA-XR3M-J4Q9-HQR4

GSD-2022-34401

FKIE_CVE-2022-34401

CNVD-2023-05408

WID-SEC-W-2023-0108

Tags

Sightings

Nomenclature