CVE-2022-34405

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.3 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000205721/dsa-2022-316-dell-client-security-update-for-a-realtek-high-definition-audio-driver-vulnerability	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:dell:alienware_m15_ryzen_edition_r5:-:::::::*
	cpe:2.3:h:dell:g15_5515:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:dell:alienware_m15_r6:-:::::::*
	cpe:2.3:h:dell:g15_5510:-:::::::*
	cpe:2.3:h:dell:g15_5511:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:dell:alienware_area_51m_r1:-:::::::*
	cpe:2.3:h:dell:alienware_area_51m_r2:-:::::::*
	cpe:2.3:h:dell:alienware_aurora_r10:-:::::::*
	cpe:2.3:h:dell:alienware_aurora_r11:-:::::::*
	cpe:2.3:h:dell:alienware_aurora_r12:-:::::::*
	cpe:2.3:h:dell:alienware_aurora_r8:-:::::::*
	cpe:2.3:h:dell:alienware_aurora_r9:-:::::::*
	cpe:2.3:h:dell:alienware_m15_r1:-:::::::*
	cpe:2.3:h:dell:alienware_m15_r2:-:::::::*
	cpe:2.3:h:dell:alienware_m15_r3:-:::::::*
	cpe:2.3:h:dell:alienware_m15_r4:-:::::::*
	cpe:2.3:h:dell:alienware_m17_r1:-:::::::*
	cpe:2.3:h:dell:alienware_m17_r2:-:::::::*
	cpe:2.3:h:dell:alienware_m17_r3:-:::::::*
	cpe:2.3:h:dell:alienware_m17_r4:-:::::::*
	cpe:2.3:h:dell:g5_5000:-:::::::*
	cpe:2.3:h:dell:g5_5090:-:::::::*
	cpe:2.3:h:dell:g5_5590:-:::::::*
	cpe:2.3:h:dell:g7_7590:-:::::::*
	cpe:2.3:h:dell:g7_7790:-:::::::*

Configuration 4 (hide)

AND

cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:dell:g7_7500:-:::::::*
	cpe:2.3:h:dell:g7_7700:-:::::::*

Configuration 5 (hide)

AND

cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:dell:alienware_aurora_r13:-:::::::*
	cpe:2.3:h:dell:alienware_x15_r1:-:::::::*
	cpe:2.3:h:dell:alienware_x17_r1:-:::::::*

Configuration 6 (hide)

AND

cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:g3_3590:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:dell:g3_3500:-:::::::*
	cpe:2.3:h:dell:g5_5500:-:::::::*

History

21 Jul 2023, 18:49

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-01-26 21:15

Updated : 2024-02-04 23:14

NVD link : CVE-2022-34405

Mitre link : CVE-2022-34405

CVE.ORG link : CVE-2022-34405

JSON object : View

Products Affected

dell

CWE

NVD-CWE-Other CWE-285

Improper Authorization

{"id": "CVE-2022-34405", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.3}, {"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.3}]}, "published": "2023-01-26T21:15:42.883", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000205721/dsa-2022-316-dell-client-security-update-for-a-realtek-high-definition-audio-driver-vulnerability", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-285"}]}], "descriptions": [{"lang": "en", "value": "An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.\n\n"}], "lastModified": "2023-11-07T03:48:37.990", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98CB7144-FD1C-4981-864F-6638AB9C44B9", "versionEndExcluding": "6.0.9433.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:alienware_m15_ryzen_edition_r5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EDDF9040-D1A2-4F53-B2A1-60A56A401DDA"}, {"criteria": "cpe:2.3:h:dell:g15_5515:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DD6D554-0CEC-411C-9D44-A0F3AE3D3A07"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EDDF929-01EF-407A-B0DC-36D08F71AB61", "versionEndExcluding": "6.0.9400.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:alienware_m15_r6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "588DBF4B-7D6A-4DF6-82F0-2B5191D39E2E"}, {"criteria": "cpe:2.3:h:dell:g15_5510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AE6C4737-DAD8-4921-B65C-8D11669B730D"}, {"criteria": "cpe:2.3:h:dell:g15_5511:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6CB2ED33-8E4C-4B0F-ABBE-1083A958B9D5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "644D168B-A2C6-49FB-A5FD-6653027EF2B0", "versionEndExcluding": "6.0.9394.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:alienware_area_51m_r1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7D164D6A-F610-4654-AB17-AB14E7877D93"}, {"criteria": "cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D355D92F-71AB-4D6D-9D3D-85A0BF4133E5"}, {"criteria": "cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D1B5E1A2-3F3B-42AF-93ED-01ABF2763BC6"}, {"criteria": "cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4C32F25E-2F1F-409D-85DF-15CCAB423DD5"}, {"criteria": "cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6F0C34FD-6A6D-43BF-B548-13D57532AF8C"}, {"criteria": "cpe:2.3:h:dell:alienware_aurora_r8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2A0FE69C-31CE-49B5-ABB8-1308C75F401C"}, {"criteria": "cpe:2.3:h:dell:alienware_aurora_r9:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "671390B3-182F-46AC-9883-2BD48C58D490"}, {"criteria": "cpe:2.3:h:dell:alienware_m15_r1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C01EDB58-FA41-4E7B-860C-53FA5B00B606"}, {"criteria": "cpe:2.3:h:dell:alienware_m15_r2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7613F524-EAA8-4976-8C35-4ABCD555FC63"}, {"criteria": "cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FCCE762E-FB6C-4493-A21F-347DE5CB57E0"}, {"criteria": "cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B084185F-1C0D-47D9-9F72-A79095462428"}, {"criteria": "cpe:2.3:h:dell:alienware_m17_r1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "656DECD6-D29F-4241-90CD-0B190581F674"}, {"criteria": "cpe:2.3:h:dell:alienware_m17_r2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FE56E5E4-52FA-4BE7-8B58-8F258B29BE2B"}, {"criteria": "cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EF7B8EAD-E6FD-4CCE-9CE8-605A3BF3357A"}, {"criteria": "cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C631E678-90F0-4DB2-8AB8-7378EC32FAC0"}, {"criteria": "cpe:2.3:h:dell:g5_5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B49A7E9-EA33-4614-B91D-465D32407BE3"}, {"criteria": "cpe:2.3:h:dell:g5_5090:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2544FF74-2830-4B7C-BE87-064B971C19D3"}, {"criteria": "cpe:2.3:h:dell:g5_5590:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FB9AA2CC-6E81-4987-A888-E82D2949EF3C"}, {"criteria": "cpe:2.3:h:dell:g7_7590:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "331F9E85-4F7F-4C28-A403-EE8D8476FC5E"}, {"criteria": "cpe:2.3:h:dell:g7_7790:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EE3DF41E-0328-4AE0-B755-8B6269185BE5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35B3AFF4-11E7-428B-ACE7-13C6263896F2", "versionEndExcluding": "6.0.9407.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:g7_7500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7A7B6CD4-5129-46B5-8C72-6CE584F7FE9B"}, {"criteria": "cpe:2.3:h:dell:g7_7700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "20046D13-2EE4-438C-8C98-089D018ADD44"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A55EDCF9-6460-4F87-9142-1B9FACCEFAAA", "versionEndExcluding": "6.0.9388.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "486DCCF7-79D9-45C1-8CBD-26FB78705F91"}, {"criteria": "cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5BC0BF5-9D20-43DB-BF65-F2D2E8EC6970"}, {"criteria": "cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8128EE9B-97C5-40A2-A7F6-8AE7E4D9D1E1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51D0F21C-C85D-463E-B45F-951FFC3DD527", "versionEndExcluding": "6.0.9254.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:g3_3590:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1ACD77D7-9AE6-4E24-9EE6-EDD81ABCCF45"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:realtek_high_definition_audio_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D19C0C1-3FC5-48E8-A2F2-0B2AD592DAFC", "versionEndExcluding": "6.0.9422.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dell:g3_3500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "79C0E8D8-FE8F-4718-8837-8C8FCACDB095"}, {"criteria": "cpe:2.3:h:dell:g5_5500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "81A8617F-56B1-4998-98CC-FA8C1D3DE011"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security_alert@emc.com"}