← Back

CVE-2022-24420

nvd nist
Published: Mar 11, 2022Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Affected (46)

Products: Dell: Alienware 13 R3 Firmware, Alienware 15 R3 Firmware, Alienware 15 R4 Firmware, Alienware 17 R4 Firmware, Alienware 17 R5 Firmware, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 Firmware, Alienware Aurora R8 Firmware, Alienware M15 R2 Firmware, Alienware M15 R3 Firmware, Alienware M15 R4 Firmware, Alienware M17 R2 Firmware, Alienware M17 R3 Firmware, Alienware M17 R4 Firmware, Alienware X15 R1 Firmware, Alienware X17 R1 Firmware, Edge Gateway 3000 Firmware, Edge Gateway 5000 Firmware, Edge Gateway 5100 Firmware, Embedded Box Pc 3000 Firmware, Embedded Box Pc 5000 Firmware, Inspiron 14 3473 Firmware, Inspiron 15 3573 Firmware, Inspiron 15 5566 Firmware, Inspiron 3277 Firmware, Inspiron 3465 Firmware, Inspiron 3477 Firmware, Inspiron 3482 Firmware, Inspiron 3502 Firmware, Inspiron 3510 Firmware, Inspiron 3565 Firmware, Inspiron 3582 Firmware, Inspiron 3782 Firmware, Latitude 3379 Firmware, Vostro 14 5468 Firmware, Vostro 15 5568 Firmware, Vostro 3267 Firmware, Vostro 3268 Firmware, Vostro 3572 Firmware, Vostro 3582 Firmware, Vostro 3660 Firmware, Vostro 3667 Firmware, Vostro 3668 Firmware, Vostro 3669 Firmware, Wyse 7040 Thin Client Firmware, Xps 8930 Firmware
Dell
46 products
Alienware 13 R3 Firmware
Alienware 15 R3 Firmware
Alienware 15 R4 Firmware
Alienware 17 R4 Firmware
Alienware 17 R5 Firmware
Alienware Area 51m R1 Firmware
Alienware Area 51m R2 Firmware
Alienware Aurora R8 Firmware
Alienware M15 R2 Firmware
Alienware M15 R3 Firmware
Alienware M15 R4 Firmware
Alienware M17 R2 Firmware
Alienware M17 R3 Firmware
Alienware M17 R4 Firmware
Alienware X15 R1 Firmware
Alienware X17 R1 Firmware
Edge Gateway 3000 Firmware
Edge Gateway 5000 Firmware
Edge Gateway 5100 Firmware
Embedded Box Pc 3000 Firmware
Embedded Box Pc 5000 Firmware
Inspiron 14 3473 Firmware
Inspiron 15 3573 Firmware
Inspiron 15 5566 Firmware
Inspiron 3277 Firmware
Inspiron 3465 Firmware
Inspiron 3477 Firmware
Inspiron 3482 Firmware
Inspiron 3502 Firmware
Inspiron 3510 Firmware
Inspiron 3565 Firmware
Inspiron 3582 Firmware
Inspiron 3782 Firmware
Latitude 3379 Firmware
Vostro 14 5468 Firmware
Vostro 15 5568 Firmware
Vostro 3267 Firmware
Vostro 3268 Firmware
Vostro 3572 Firmware
Vostro 3582 Firmware
Vostro 3660 Firmware
Vostro 3667 Firmware
Vostro 3668 Firmware
Vostro 3669 Firmware
Wyse 7040 Thin Client Firmware
Xps 8930 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware 13 R3 Firmware
Before 1.16.1
Running on/withPlatform Versions
Dell
Alienware 13 R3
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware 15 R3 Firmware
Before 1.16.1
Running on/withPlatform Versions
Dell
Alienware 15 R3
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware 15 R4 Firmware
Before 1.17.0
Running on/withPlatform Versions
Dell
Alienware 15 R4
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware 17 R4 Firmware
Before 1.16.1
Running on/withPlatform Versions
Dell
Alienware 17 R4
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware 17 R5 Firmware
Before 1.17.0
Running on/withPlatform Versions
Dell
Alienware 17 R5
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware Area 51m R1 Firmware
Before 1.18.0
Running on/withPlatform Versions
Dell
Alienware Area 51m R1
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware Area 51m R2 Firmware
Before 1.13.0
Running on/withPlatform Versions
Dell
Alienware Area 51m R2
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware Aurora R8 Firmware
Before 1.0.20
Running on/withPlatform Versions
Dell
Alienware Aurora R8
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware M15 R2 Firmware
Before 1.12.0
Running on/withPlatform Versions
Dell
Alienware M15 R2
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware M15 R3 Firmware
Before 1.14.0
Running on/withPlatform Versions
Dell
Alienware M15 R3
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware M15 R4 Firmware
Before 1.8.0
Running on/withPlatform Versions
Dell
Alienware M15 R4
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware M17 R2 Firmware
Before 1.12.0
Running on/withPlatform Versions
Dell
Alienware M17 R2
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware M17 R3 Firmware
Before 1.14.0
Running on/withPlatform Versions
Dell
Alienware M17 R3
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware M17 R4 Firmware
Before 1.8.0
Running on/withPlatform Versions
Dell
Alienware M17 R4
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware X15 R1 Firmware
Before 1.7.0
Running on/withPlatform Versions
Dell
Alienware X15 R1
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Alienware X17 R1 Firmware
Before 1.7.0
Running on/withPlatform Versions
Dell
Alienware X17 R1
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Edge Gateway 3000 Firmware
Before 1.7.0
Running on/withPlatform Versions
Dell
Edge Gateway 3000
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Edge Gateway 5000 Firmware
Before 1.17.0
Running on/withPlatform Versions
Dell
Edge Gateway 5000
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Edge Gateway 5100 Firmware
Before 1.17.0
Running on/withPlatform Versions
Dell
Edge Gateway 5100
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Embedded Box Pc 3000 Firmware
Before 1.13.0
Running on/withPlatform Versions
Dell
Embedded Box Pc 3000
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Embedded Box Pc 5000 Firmware
Before 1.14.0
Running on/withPlatform Versions
Dell
Embedded Box Pc 5000
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 14 3473 Firmware
Before 1.14.0
Running on/withPlatform Versions
Dell
Inspiron 14 3473
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 15 3573 Firmware
Before 1.14.0
Running on/withPlatform Versions
Dell
Inspiron 15 3573
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 15 5566 Firmware
Before 1.18.0
Running on/withPlatform Versions
Dell
Inspiron 15 5566
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 3277 Firmware
Before 1.19.0
Running on/withPlatform Versions
Dell
Inspiron 3277
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 3465 Firmware
Before 1.12.0
Running on/withPlatform Versions
Dell
Inspiron 3465
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 3477 Firmware
Before 1.19.0
Running on/withPlatform Versions
Dell
Inspiron 3477
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 3482 Firmware
Before 1.13.0
Running on/withPlatform Versions
Dell
Inspiron 3482
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 3502 Firmware
Before 1.7.0
Running on/withPlatform Versions
Dell
Inspiron 3502
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 3510 Firmware
Before 1.6.0
Running on/withPlatform Versions
Dell
Inspiron 3510
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 3565 Firmware
Before 1.12.0
Running on/withPlatform Versions
Dell
Inspiron 3565
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 3582 Firmware
Before 1.13.0
Running on/withPlatform Versions
Dell
Inspiron 3582
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Inspiron 3782 Firmware
Before 1.13.0
Running on/withPlatform Versions
Dell
Inspiron 3782
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Latitude 3379 Firmware
Before 1.0.34
Running on/withPlatform Versions
Dell
Latitude 3379
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 14 5468 Firmware
Before 1.19.0
Running on/withPlatform Versions
Dell
Vostro 14 5468
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 15 5568 Firmware
Before 1.19.0
Running on/withPlatform Versions
Dell
Vostro 15 5568
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 3267 Firmware
Before 1.20.0
Running on/withPlatform Versions
Dell
Vostro 3267
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 3268 Firmware
Before 1.20.0
Running on/withPlatform Versions
Dell
Vostro 3268
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 3572 Firmware
Before 1.14.0
Running on/withPlatform Versions
Dell
Vostro 3572
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 3582 Firmware
Before 1.13.0
Running on/withPlatform Versions
Dell
Vostro 3582
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 3660 Firmware
Before 1.20.0
Running on/withPlatform Versions
Dell
Vostro 3660
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 3667 Firmware
Before 1.20.0
Running on/withPlatform Versions
Dell
Vostro 3667
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 3668 Firmware
Before 1.20.0
Running on/withPlatform Versions
Dell
Vostro 3668
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Vostro 3669 Firmware
Before 1.20.0
Running on/withPlatform Versions
Dell
Vostro 3669
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wyse 7040 Thin Client Firmware
Before 1.15.0
Running on/withPlatform Versions
Dell
Wyse 7040 Thin Client
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Xps 8930 Firmware
Before 1.1.21
Running on/withPlatform Versions
Dell
Xps 8930
All versions

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

Source: security_alert@emc.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.