Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
References
| Link | Resource |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
| AND |
|
Configuration 16 (hide)
| AND |
|
Configuration 17 (hide)
| AND |
|
Configuration 18 (hide)
| AND |
|
Configuration 19 (hide)
| AND |
|
Configuration 20 (hide)
| AND |
|
Configuration 21 (hide)
| AND |
|
Configuration 22 (hide)
| AND |
|
Configuration 23 (hide)
| AND |
|
Configuration 24 (hide)
| AND |
|
Configuration 25 (hide)
| AND |
|
Configuration 26 (hide)
| AND |
|
Configuration 27 (hide)
| AND |
|
Configuration 28 (hide)
| AND |
|
History
07 Jun 2022, 17:04
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095 - Vendor Advisory | |
| CWE | CWE-20 | |
| CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 6.7 |
| CPE | cpe:2.3:h:dell:inspiron_3785:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5405_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:dell_g5_5505_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_3180_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5575:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5485:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_3180:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_7405_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_3505_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_22-3275:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5515:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5515_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5575_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_22-3275_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5585_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_3585:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5675_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5775_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:vostro_5415_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_7415_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_7375:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_7375_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_3515:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vostro_3405:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_24-3475:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5485_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5415:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5505_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_7415:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_3195_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_24-3475_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5505:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_3785_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:vostro_5515:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_3195:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_3585_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5405:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_27_7775_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:vostro_3405_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:dell_g5_5505:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5585:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_3505:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_27_7775:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_3595_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_3185:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_3515_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:vostro_5415:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5675:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_7405:-:*:*:*:*:*:*:* cpe:2.3:h:dell:vostro_3515:-:*:*:*:*:*:*:* cpe:2.3:o:dell:vostro_3515_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_3595:-:*:*:*:*:*:*:* cpe:2.3:h:dell:inspiron_5775:-:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_5415_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:vostro_5515_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dell:inspiron_3185_firmware:*:*:*:*:*:*:*:* |
26 May 2022, 17:25
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-05-26 16:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-24418
Mitre link : CVE-2022-24418
CVE.ORG link : CVE-2022-24418
JSON object : View
Products Affected
dell
- inspiron_5585_firmware
- inspiron_3185_firmware
- dell_g5_5505_firmware
- inspiron_7405
- inspiron_7415
- vostro_3515_firmware
- vostro_5415
- inspiron_5405
- inspiron_5485
- inspiron_3505
- inspiron_5515_firmware
- inspiron_3585
- inspiron_7405_firmware
- vostro_5515_firmware
- vostro_5515
- inspiron_22-3275
- inspiron_5415_firmware
- inspiron_5405_firmware
- inspiron_5675
- inspiron_5585
- inspiron_3595
- inspiron_5675_firmware
- inspiron_5505
- inspiron_3185
- vostro_3405
- inspiron_7375
- dell_g5_5505
- inspiron_5485_firmware
- inspiron_27_7775
- inspiron_5575_firmware
- inspiron_3195
- inspiron_3785_firmware
- inspiron_3180_firmware
- vostro_3515
- inspiron_5505_firmware
- inspiron_5415
- inspiron_7375_firmware
- inspiron_3585_firmware
- vostro_3405_firmware
- inspiron_3515_firmware
- inspiron_3195_firmware
- inspiron_3180
- inspiron_22-3275_firmware
- vostro_5415_firmware
- inspiron_5575
- inspiron_24-3475_firmware
- inspiron_3515
- inspiron_3595_firmware
- inspiron_5775
- inspiron_5515
- inspiron_24-3475
- inspiron_5775_firmware
- inspiron_7415_firmware
- inspiron_3785
- inspiron_3505_firmware
- inspiron_27_7775_firmware
CWE
CWE-20
Improper Input Validation