CVE-2022-26862

Published: Jun 23, 2022Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

Affected (34)

Dell

34 products

Alienware M15 R5 Firmware

G15 5515 Firmware

G5 Se 5505 Firmware

Inspiron 27 7775 Firmware

Inspiron 14 5425 Firmware

Inspiron 3275 Firmware

Inspiron 3475 Firmware

Inspiron 3180 Firmware

Inspiron 3185 Firmware

Inspiron 3195 Firmware

Inspiron 3505 Firmware

Inspiron 3515 Firmware

Inspiron 3525 Firmware

Inspiron 3585 Firmware

Inspiron 3595 Firmware

Inspiron 3785 Firmware

Inspiron 5405 Firmware

Inspiron 5415 Firmware

Inspiron 5415 All In One Firmware

Inspiron 5485 Firmware

Inspiron 5505 Firmware

Inspiron 5515 Firmware

Inspiron 5575 Firmware

Inspiron 5585 Firmware

Inspiron 7375 Firmware

Inspiron 7405 Firmware

Inspiron 7415 Firmware

Inspiron 7425 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Alienware M15 R5 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Alienware M15 R5	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell G15 5515 Firmware	Before 1.6.0

Running on/with	Platform Versions
Dell G15 5515	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell G5 Se 5505 Firmware	Before 1.11.0

Running on/with	Platform Versions
Dell G5 Se 5505	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 27 7775 Firmware	Before 2.16.1

Running on/with	Platform Versions
Dell Inspiron 27 7775	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 14 5425 Firmware	Before 1.2.1

Running on/with	Platform Versions
Dell Inspiron 14 5425	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3275 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Inspiron 3275	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3475 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Inspiron 3475	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3180 Firmware	Before 1.4.4

Running on/with	Platform Versions
Dell Inspiron 3180	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3185 Firmware	Before 1.4.4

Running on/with	Platform Versions
Dell Inspiron 3185	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3195 Firmware	Before 1.4.1

Running on/with	Platform Versions
Dell Inspiron 3195	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3505 Firmware	Before 1.6.0

Running on/with	Platform Versions
Dell Inspiron 3505	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3515 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Inspiron 3515	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3525 Firmware	Before 1.3.0

Running on/with	Platform Versions
Dell Inspiron 3525	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3585 Firmware	Before 1.7.0

Running on/with	Platform Versions
Dell Inspiron 3585	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3595 Firmware	Before 1.3.0

Running on/with	Platform Versions
Dell Inspiron 3595	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3785 Firmware	Before 1.7.0

Running on/with	Platform Versions
Dell Inspiron 3785	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5405 Firmware	Before 1.7.0

Running on/with	Platform Versions
Dell Inspiron 5405	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5415 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Inspiron 5415	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5415 All In One Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Inspiron 5415 All In One	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5485 Firmware	Before 2.8.0

Running on/with	Platform Versions
Dell Inspiron 5485	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5505 Firmware	Before 1.7.0

Running on/with	Platform Versions
Dell Inspiron 5505	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5515 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Inspiron 5515	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5575 Firmware	Before 1.6.0

Running on/with	Platform Versions
Dell Inspiron 5575	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5585 Firmware	Before 2.8.0

Running on/with	Platform Versions
Dell Inspiron 5585	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 7375 Firmware	Before 1.7.0

Running on/with	Platform Versions
Dell Inspiron 7375	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 7405 Firmware	Before 1.8.0

Running on/with	Platform Versions
Dell Inspiron 7405	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 7415 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Inspiron 7415	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 7425 Firmware	Before 1.2.1

Running on/with	Platform Versions
Dell Inspiron 7425	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3405 Firmware	Before 1.6.0

Running on/with	Platform Versions
Dell Vostro 3405	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3515 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Vostro 3515	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3525 Firmware	Before 1.3.0

Running on/with	Platform Versions
Dell Vostro 3525	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5415 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Vostro 5415	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5515 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Vostro 5515	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5625 Firmware	Before 1.2.1

Running on/with	Platform Versions
Dell Vostro 5625	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://www.dell.com/support/kbdoc/en-us/000200568/dsa-2022-096

Source: security_alert@emc.com

Vendor Advisory

https://www.dell.com/support/kbdoc/en-us/000200568/dsa-2022-096

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.