CVE-2022-34403

Published: Feb 1, 2023Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploitability: 2.0 / Impact: 6.0

Source: NVD

Description

Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.

Affected (83)

Dell

83 products

Alienware M15 R6 Firmware

Alienware M15 R7 Firmware

Alienware M15 Ryzen Edition R5 Firmware

Alienware M17 R5 Amd Firmware

Inspiron 14 5410 2 In 1 Firmware

Inspiron 15 3511 Firmware

Inspiron 3195 2 In 1 Firmware

Inspiron 3275 Firmware

Inspiron 3475 Firmware

Inspiron 3505 Firmware

Inspiron 3515 Firmware

Inspiron 3525 Firmware

Inspiron 3585 Firmware

Inspiron 3595 Firmware

Inspiron 3785 Firmware

Inspiron 3891 Firmware

Inspiron 5310 Firmware

Inspiron 5405 Firmware

Inspiron 5410 Firmware

Inspiron 5415 Firmware

Inspiron 5425 Firmware

Inspiron 5485 Firmware

Inspiron 5485 2 In 1 Firmware

Inspiron 5505 Firmware

Inspiron 5510 Firmware

Inspiron 5515 Firmware

Inspiron 5585 Firmware

Inspiron 7405 2 In 1 Firmware

Inspiron 7415 Firmware

Inspiron 7425 Firmware

Inspiron 7510 Firmware

Inspiron 7610 Firmware

Latitude 3320 Firmware

Latitude 3420 Firmware

Latitude 3520 Firmware

Latitude 5320 Firmware

Latitude 5420 Firmware

Latitude 5520 Firmware

Latitude 5521 Firmware

Latitude 7320 Firmware

Latitude 7320 Detachable Firmware

Latitude 7420 Firmware

Latitude 7520 Firmware

Latitude 9420 Firmware

Latitude 9520 Firmware

Latitude Rugged 5430 Firmware

Latitude Rugged 7330 Firmware

Latitude 5421 Firmware

Optiplex 5090 Firmware

Optiplex 5490 All In One Firmware

Optiplex 7090 Tower Firmware

Optiplex 7090 Ultra Firmware

Optiplex 7090 Aio Firmware

Precision 3450 Firmware

Precision 3560 Firmware

Precision 3561 Firmware

Precision 3650 Tower Firmware

Precision 5560 Firmware

Precision 5760 Firmware

Precision 7560 Firmware

Precision 7760 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Alienware M15 R6 Firmware	Before 1.17.0

Running on/with	Platform Versions
Dell Alienware M15 R6	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Alienware M15 R7 Firmware	Before 1.4.3

Running on/with	Platform Versions
Dell Alienware M15 R7	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Alienware M15 Ryzen Edition R5 Firmware	Before 1.8.0

Running on/with	Platform Versions
Dell Alienware M15 Ryzen Edition R5	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Alienware M17 R5 Amd Firmware	Before 1.4.3

Running on/with	Platform Versions
Dell Alienware M17 R5 Amd	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell G15 5510 Firmware	Before 1.16.0

Running on/with	Platform Versions
Dell G15 5510	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell G15 5511 Firmware	Before 1.18.0

Running on/with	Platform Versions
Dell G15 5511	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell G15 5515 Firmware	Before 1.8.0

Running on/with	Platform Versions
Dell G15 5515	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell G15 5525 Firmware	Before 1.4.3

Running on/with	Platform Versions
Dell G15 5525	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell G5 Se 5505 Firmware	Before 1.13.0

Running on/with	Platform Versions
Dell G5 Se 5505	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 14 5410 2 In 1 Firmware	Before 2.15.2

Running on/with	Platform Versions
Dell Inspiron 14 5410 2 In 1	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 15 3511 Firmware	Before 1.18.2

Running on/with	Platform Versions
Dell Inspiron 15 3511	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3195 2 In 1 Firmware	Before 1.6.0

Running on/with	Platform Versions
Dell Inspiron 3195 2 In 1	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3275 Firmware	Before 1.9.2

Running on/with	Platform Versions
Dell Inspiron 3275	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3475 Firmware	Before 1.9.2

Running on/with	Platform Versions
Dell Inspiron 3475	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3505 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Inspiron 3505	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3515 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Inspiron 3515	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3525 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Inspiron 3525	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3585 Firmware	Before 1.10.0

Running on/with	Platform Versions
Dell Inspiron 3585	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3595 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Inspiron 3595	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3785 Firmware	Before 1.10.0

Running on/with	Platform Versions
Dell Inspiron 3785	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 3891 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Inspiron 3891	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5310 Firmware	Before 2.15.0

Running on/with	Platform Versions
Dell Inspiron 5310	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5405 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Inspiron 5405	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5410 Firmware	Before 2.14.0

Running on/with	Platform Versions
Dell Inspiron 5410	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5415 Firmware	Before 1.13.0

Running on/with	Platform Versions
Dell Inspiron 5415	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5425 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Inspiron 5425	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5485 Firmware	Before 2.11.0

Running on/with	Platform Versions
Dell Inspiron 5485	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5485 2 In 1 Firmware	Before 2.11.0

Running on/with	Platform Versions
Dell Inspiron 5485 2 In 1	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5505 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Inspiron 5505	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5510 Firmware	Before 2.15.2

Running on/with	Platform Versions
Dell Inspiron 5510	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5515 Firmware	Before 1.13.0

Running on/with	Platform Versions
Dell Inspiron 5515	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 5585 Firmware	Before 2.11.0

Running on/with	Platform Versions
Dell Inspiron 5585	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 7405 2 In 1 Firmware	Before 1.10.1

Running on/with	Platform Versions
Dell Inspiron 7405 2 In 1	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 7415 Firmware	Before 1.13.0

Running on/with	Platform Versions
Dell Inspiron 7415	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 7425 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Inspiron 7425	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 7510 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Inspiron 7510	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Inspiron 7610 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Inspiron 7610	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 3320 Firmware	Before 1.18.2

Running on/with	Platform Versions
Dell Latitude 3320	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 3420 Firmware	Before 1.23.2

Running on/with	Platform Versions
Dell Latitude 3420	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 3520 Firmware	Before 1.23.2

Running on/with	Platform Versions
Dell Latitude 3520	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 5320 Firmware	Before 1.24.3

Running on/with	Platform Versions
Dell Latitude 5320	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 5420 Firmware	Before 1.22.0

Running on/with	Platform Versions
Dell Latitude 5420	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 5520 Firmware	Before 1.24.3

Running on/with	Platform Versions
Dell Latitude 5520	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 5521 Firmware	Before 1.17.3

Running on/with	Platform Versions
Dell Latitude 5521	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 7320 Firmware	Before 1.20.0

Running on/with	Platform Versions
Dell Latitude 7320	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 7320 Detachable Firmware	Before 1.17.2

Running on/with	Platform Versions
Dell Latitude 7320 Detachable	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 7420 Firmware	Before 1.20.0

Running on/with	Platform Versions
Dell Latitude 7420	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 7520 Firmware	Before 1.20.0

Running on/with	Platform Versions
Dell Latitude 7520	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 9420 Firmware	Before 1.16.2

Running on/with	Platform Versions
Dell Latitude 9420	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 9520 Firmware	Before 1.17.0

Running on/with	Platform Versions
Dell Latitude 9520	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude Rugged 5430 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Latitude Rugged 5430	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude Rugged 7330 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Latitude Rugged 7330	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Latitude 5421 Firmware	Before 1.15.0

Running on/with	Platform Versions
Dell Latitude 5421	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Optiplex 5090 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Optiplex 5090	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Optiplex 5490 All In One Firmware	Before 1.15.0

Running on/with	Platform Versions
Dell Optiplex 5490 All In One	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Optiplex 7090 Tower Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Optiplex 7090 Tower	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Optiplex 7090 Ultra Firmware	Before 1.15.0

Running on/with	Platform Versions
Dell Optiplex 7090 Ultra	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Optiplex 7090 Aio Firmware	Before 1.15.0

Running on/with	Platform Versions
Dell Optiplex 7090 Aio	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Precision 3450 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Precision 3450	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Precision 3560 Firmware	Before 1.24.3

Running on/with	Platform Versions
Dell Precision 3560	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Precision 3561 Firmware	Before 1.17.3

Running on/with	Platform Versions
Dell Precision 3561	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Precision 3650 Tower Firmware	Before 1.16.0

Running on/with	Platform Versions
Dell Precision 3650 Tower	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Precision 5560 Firmware	Before 1.15.2

Running on/with	Platform Versions
Dell Precision 5560	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Precision 5760 Firmware	Before 1.15.2

Running on/with	Platform Versions
Dell Precision 5760	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Precision 7560 Firmware	Before 1.16.0

Running on/with	Platform Versions
Dell Precision 7560	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Precision 7760 Firmware	Before 1.16.0

Running on/with	Platform Versions
Dell Precision 7760	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3405 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Vostro 3405	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3425 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Vostro 3425	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3510 Firmware	Before 1.18.2

Running on/with	Platform Versions
Dell Vostro 3510	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3515 Firmware	Before 1.9.0

Running on/with	Platform Versions
Dell Vostro 3515	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3525 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Vostro 3525	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3690 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Vostro 3690	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 3890 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Vostro 3890	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5310 Firmware	Before 2.15.0

Running on/with	Platform Versions
Dell Vostro 5310	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5410 Firmware	Before 2.15.2

Running on/with	Platform Versions
Dell Vostro 5410	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5415 Firmware	Before 1.13.0

Running on/with	Platform Versions
Dell Vostro 5415	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5510 Firmware	Before 2.15.2

Running on/with	Platform Versions
Dell Vostro 5510	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5515 Firmware	Before 1.13.0

Running on/with	Platform Versions
Dell Vostro 5515	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5625 Firmware	Before 1.5.0

Running on/with	Platform Versions
Dell Vostro 5625	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 5890 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Vostro 5890	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Vostro 7510 Firmware	Before 1.12.0

Running on/with	Platform Versions
Dell Vostro 7510	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Xps 15 9510 Firmware	Before 1.15.2

Running on/with	Platform Versions
Dell Xps 15 9510	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Xps 17 9710 Firmware	Before 1.15.2

Running on/with	Platform Versions
Dell Xps 17 9710	All versions

Related CWEs

CWE-121

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.dell.com/support/kbdoc/000205716

Source: security_alert@emc.com

Vendor Advisory

https://www.dell.com/support/kbdoc/000205716

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.