CVE-2022-31225

Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.

CVSS v3 5.1 MEDIUM

5.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/000202196	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dell:chengming_3900_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:chengming_3900:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:dell:inspiron_14_plus_7420_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_14_plus_7420:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:dell:inspiron_16_plus_7620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_16_plus_7620:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:dell:inspiron_3910_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_3910:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:dell:inspiron_5320_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_5320:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:dell:inspiron_5420_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_5420:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:dell:inspiron_5620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_5620:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:dell:inspiron_7420_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_7420:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:dell:inspiron_7620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:inspiron_7620:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:dell:optiplex_3000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_3000:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:dell:optiplex_3000_thin_client_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_3000_thin_client:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:dell:optiplex_5000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_5000:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:dell:optiplex_5400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_5400:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:dell:optiplex_7000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_7000:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:dell:optiplex_7000_oem_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_7000_oem:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:dell:optiplex_7400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:optiplex_7400:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:dell:precision_3460_small_form_factor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:precision_3460_small_form_factor:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:dell:precision_3660_tower_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:precision_3660_tower:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:dell:precision_5770_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:precision_5770:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:dell:vostro_3710_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3710:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:dell:vostro_3910_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_3910:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:dell:vostro_5320_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_5320:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:dell:vostro_5620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_5620:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:dell:vostro_7620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vostro_7620:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:dell:xps_17_9720_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:xps_17_9720:-:*:*:*:*:*:*:*

History

15 Sep 2022, 19:11

Type	Values Removed	Values Added
References	~~(MISC) https://www.dell.com/support/kbdoc/000202196 -~~	(MISC) https://www.dell.com/support/kbdoc/000202196 - Patch, Vendor Advisory
CWE		CWE-252
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.1
CPE		cpe:2.3:h:dell:vostro_5620:-:::::::* cpe:2.3:o:dell:optiplex_5400_firmware:::::::: cpe:2.3:o:dell:optiplex_7000_firmware:::::::: cpe:2.3:h:dell:vostro_3710:-:::::::* cpe:2.3:o:dell:vostro_7620_firmware:::::::: cpe:2.3:h:dell:vostro_5320:-:::::::* cpe:2.3:h:dell:inspiron_3910:-:::::::* cpe:2.3:h:dell:precision_3460_small_form_factor:-:::::::* cpe:2.3:h:dell:vostro_7620:-:::::::* cpe:2.3:o:dell:inspiron_7420_firmware:::::::: cpe:2.3:h:dell:optiplex_5400:-:::::::* cpe:2.3:h:dell:inspiron_7420:-:::::::* cpe:2.3:h:dell:chengming_3900:-:::::::* cpe:2.3:o:dell:precision_3460_small_form_factor_firmware:::::::: cpe:2.3:o:dell:optiplex_5000_firmware:::::::: cpe:2.3:o:dell:inspiron_16_plus_7620_firmware:::::::: cpe:2.3:o:dell:inspiron_5620_firmware:::::::: cpe:2.3:o:dell:optiplex_7400_firmware:::::::: cpe:2.3:h:dell:precision_3660_tower:-:::::::* cpe:2.3:h:dell:inspiron_7620:-:::::::* cpe:2.3:o:dell:inspiron_3910_firmware:::::::: cpe:2.3:o:dell:optiplex_3000_thin_client_firmware:::::::: cpe:2.3:o:dell:vostro_5620_firmware:::::::: cpe:2.3:h:dell:optiplex_7000_oem:-:::::::* cpe:2.3:h:dell:optiplex_7000:-:::::::* cpe:2.3:h:dell:vostro_3910:-:::::::* cpe:2.3:h:dell:inspiron_5620:-:::::::* cpe:2.3:h:dell:optiplex_5000:-:::::::* cpe:2.3:o:dell:vostro_3710_firmware:::::::: cpe:2.3:h:dell:optiplex_3000:-:::::::* cpe:2.3:o:dell:precision_5770_firmware:::::::: cpe:2.3:h:dell:precision_5770:-:::::::* cpe:2.3:o:dell:inspiron_14_plus_7420_firmware:::::::: cpe:2.3:o:dell:vostro_3910_firmware:::::::: cpe:2.3:o:dell:vostro_5320_firmware:::::::: cpe:2.3:h:dell:inspiron_14_plus_7420:-:::::::* cpe:2.3:o:dell:xps_17_9720_firmware:::::::: cpe:2.3:h:dell:xps_17_9720:-:::::::* cpe:2.3:h:dell:optiplex_7400:-:::::::* cpe:2.3:o:dell:optiplex_3000_firmware:::::::: cpe:2.3:o:dell:chengming_3900_firmware:::::::: cpe:2.3:o:dell:inspiron_5320_firmware:::::::: cpe:2.3:h:dell:inspiron_5320:-:::::::* cpe:2.3:o:dell:precision_3660_tower_firmware:::::::: cpe:2.3:h:dell:inspiron_16_plus_7620:-:::::::* cpe:2.3:h:dell:optiplex_3000_thin_client:-:::::::* cpe:2.3:h:dell:inspiron_5420:-:::::::* cpe:2.3:o:dell:optiplex_7000_oem_firmware:::::::: cpe:2.3:o:dell:inspiron_7620_firmware:::::::: cpe:2.3:o:dell:inspiron_5420_firmware::::::::

12 Sep 2022, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-09-12 19:15

Updated : 2024-02-04 22:51

NVD link : CVE-2022-31225

Mitre link : CVE-2022-31225

CVE.ORG link : CVE-2022-31225

JSON object : View

Products Affected

dell

optiplex_5400
precision_5770_firmware
inspiron_5620_firmware
vostro_3710
vostro_3910_firmware
inspiron_5320
inspiron_7420
inspiron_5420_firmware
optiplex_7000_firmware
optiplex_5000
inspiron_5420
vostro_7620
chengming_3900_firmware
optiplex_5400_firmware
inspiron_14_plus_7420
precision_3460_small_form_factor
vostro_3710_firmware
chengming_3900
optiplex_5000_firmware
vostro_5620_firmware
vostro_7620_firmware
optiplex_3000_thin_client
optiplex_7400
optiplex_7000
precision_3460_small_form_factor_firmware
optiplex_7000_oem
inspiron_3910
optiplex_3000_firmware
inspiron_3910_firmware
vostro_5320_firmware
inspiron_7620
xps_17_9720
vostro_5620
inspiron_16_plus_7620_firmware
inspiron_7420_firmware
xps_17_9720_firmware
optiplex_7400_firmware
inspiron_5620
precision_3660_tower
inspiron_7620_firmware
optiplex_3000
optiplex_3000_thin_client_firmware
precision_5770
inspiron_5320_firmware
inspiron_16_plus_7620
optiplex_7000_oem_firmware
vostro_3910
precision_3660_tower_firmware
vostro_5320
inspiron_14_plus_7420_firmware

CWE

CWE-252

Unchecked Return Value

5.1 /10