fkie_cve-2022-34393
Vulnerability from fkie_nvd
Published
2023-01-18 06:15
Modified
2024-11-21 07:09
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security_alert@emc.com | https://www.dell.com/support/kbdoc/000204686 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.dell.com/support/kbdoc/000204686 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:g5_se_5505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28A7B06E-9C89-4434-B816-3E9D6147794C",
"versionEndExcluding": "1.12.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:g5_se_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E98A4646-E3CD-4664-881D-284DB263CC18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_27_7775_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39245022-C2DE-4DCA-BE05-2A32E0EF0E7D",
"versionEndExcluding": "2.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_27_7775:-:*:*:*:*:*:*:*",
"matchCriteriaId": "773EB218-753B-44D8-92F2-F902E2BF7933",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3180_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A14DA7EB-AEE7-4BF3-85BB-3643E25B9A25",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3180:-:*:*:*:*:*:*:*",
"matchCriteriaId": "033EB741-AC21-472C-AE91-D58CAD9B7354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3185_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70771DF7-A995-4A3B-90B0-9A5E3FB4C239",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B547563E-6AB1-40DD-AA96-9B4D12CAED05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3195_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C509EDC-6401-499F-970A-24F1E17F79F6",
"versionEndExcluding": "1.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3195_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A9519F-ABE1-4684-A7EF-432830CCD585",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3275_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D95E7D0B-86AB-491D-BEBD-C2CBB9A05420",
"versionEndExcluding": "1.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3275:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D35B707-6168-4C83-88AD-61105B56EFAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3475_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9CCD34F-2EF2-4CBF-BC39-4D8311AB79A0",
"versionEndExcluding": "1.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3475:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2DBC7DD-5091-4B2D-A52B-A3D6A9332202",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE100BB-8B12-481E-9370-8F144B8EC7A0",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3137C79A-EE16-4B4E-95D8-6CF1E1E9A4CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0AFA4D6-A987-4A37-8300-8883E9B917D9",
"versionEndExcluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC360757-EECE-40F5-8BA9-098F8F121C3B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3585_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "933622D7-2C39-4846-BC0C-F45EB0A1884D",
"versionEndExcluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3585:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52CE5DAC-381B-4B20-AD92-C427B0ECB4BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3595_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72CA7669-455D-47FB-9324-819DA3F7C3E4",
"versionEndExcluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3595:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3F07F9-AAC0-4537-87A3-549595DF9669",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_3785_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F19F4BA8-6D75-4EDF-B4D7-21D8DB11D335",
"versionEndExcluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_3785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0609B2B8-704B-4804-BE0B-FDE177FDBA83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FF68AC-F7BA-47FA-9AB4-C0F98EB10069",
"versionEndExcluding": "1.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED5439F-1A3C-4F5F-98C7-B2C471919477",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32212434-BBEC-4063-A8ED-4D72F0BF58EA",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1563D5D8-CD81-4EE5-AE6F-6939C353377B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5485_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6431B7-FCF2-4B1F-A84C-FF367F93EC3C",
"versionEndExcluding": "2.10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5485:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D51C6DC-9838-411B-8D68-3AFE3C816CAC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5485_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A63899-A10A-438C-A690-0F670F36E6C8",
"versionEndExcluding": "2.10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5485_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67AF4B93-4EF4-441A-B337-2679036ECF42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5505_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5ED373-FB11-49C7-B13F-C91307AC524E",
"versionEndExcluding": "1.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84379684-0B62-44BB-A53E-04C95CA09ED5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B272F82-0E42-4F02-82DC-1AADBFF47932",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05114EB-E200-4F8B-8D18-41AC80540F29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_5585_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C822C38F-E2C4-45DD-82CE-E81EF99925B0",
"versionEndExcluding": "2.10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_5585:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF54DE0B-E8CA-41B8-9610-800BE70DBC5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7375_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9FBD55A-1147-45B1-884F-4F3224CD885D",
"versionEndExcluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7375:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F95AF04F-A204-4341-9765-A8B5000A1D35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7405_2-in-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "199BF849-12EF-4537-BC82-18B6A28540FB",
"versionEndExcluding": "1.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7405_2-in-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A723A28B-2CED-4A1A-B36C-82E9ABDE58E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:inspiron_7415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF11FAA4-D8B3-4CB5-96D5-09CCEE910381",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:inspiron_7415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "327A491D-EEEE-466E-98A8-1895C5A24996",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_3405_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "443A00E1-110B-4E23-B684-B60AF25EC19F",
"versionEndExcluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_3405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79142A75-EA84-4C9A-861B-0FF10E21450B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_3515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCC2CF5-A580-43BC-9664-D31A52062E94",
"versionEndExcluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_3515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2699C29-2162-4F2C-83AE-94BBB865885A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_5415_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "787C17A2-8CB1-436A-89CE-E32B858D8EAD",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_5415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC7AFBA-3492-44A7-9D78-51FD20C985F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:vostro_5515_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEFC100-6066-4B18-B6A3-BBFD7B37E59D",
"versionEndExcluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:vostro_5515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB96F99-DE8C-4344-BBB2-12AD92CE98A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nDell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "Dell BIOS contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta. Un usuario malicioso autenticado local podr\u00eda explotar esta vulnerabilidad utilizando un SMI para obtener la ejecuci\u00f3n de c\u00f3digo arbitrario en SMRAM."
}
],
"id": "CVE-2022-34393",
"lastModified": "2024-11-21T07:09:25.563",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-18T06:15:11.413",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/000204686"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/000204686"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.