Versio.io

CVE-2022-24421

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 11-03-2022 11:15
Last modified: - 18-03-2022 09:20
Total changes: - 3

Description

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Local
Attack vector
High
Availability
High
Confidentiality
High
Integrity
Low
Privileges required
Unchanged
Scope
None
User interaction
7.8
Base score
1.8
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=dell AND product=alienware_13_r3_firmware AND versionEndExcluding=1.16.1
OR
vendor=dell AND product=alienware_13_r3 AND version=-
AND
OR
vendor=dell AND product=alienware_15_r3_firmware AND versionEndExcluding=1.16.1
OR
vendor=dell AND product=alienware_15_r3 AND version=-
AND
OR
vendor=dell AND product=alienware_15_r4_firmware AND versionEndExcluding=1.17.0
OR
vendor=dell AND product=alienware_15_r4 AND version=-
AND
OR
vendor=dell AND product=alienware_17_r4_firmware AND versionEndExcluding=1.16.1
OR
vendor=dell AND product=alienware_17_r4 AND version=-
AND
OR
vendor=dell AND product=alienware_17_r5_firmware AND versionEndExcluding=1.17.0
OR
vendor=dell AND product=alienware_17_r5 AND version=-
AND
OR
vendor=dell AND product=alienware_area_51m_r1_firmware AND versionEndExcluding=1.18.0
OR
vendor=dell AND product=alienware_area_51m_r1 AND version=-
AND
OR
vendor=dell AND product=alienware_area_51m_r2_firmware AND versionEndExcluding=1.13.0
OR
vendor=dell AND product=alienware_area_51m_r2 AND version=-
AND
OR
vendor=dell AND product=alienware_aurora_r8_firmware AND versionEndExcluding=1.0.20
OR
vendor=dell AND product=alienware_aurora_r8 AND version=-
AND
OR
vendor=dell AND product=alienware_m15_r2_firmware AND versionEndExcluding=1.12.0
OR
vendor=dell AND product=alienware_m15_r2 AND version=-
AND
OR
vendor=dell AND product=alienware_m15_r3_firmware AND versionEndExcluding=1.14.0
OR
vendor=dell AND product=alienware_m15_r3 AND version=-
AND
OR
vendor=dell AND product=alienware_m15_r4_firmware AND versionEndExcluding=1.8.0
OR
vendor=dell AND product=alienware_m15_r4 AND version=-
AND
OR
vendor=dell AND product=alienware_m17_r2_firmware AND versionEndExcluding=1.12.0
OR
vendor=dell AND product=alienware_m17_r2 AND version=-
AND
OR
vendor=dell AND product=alienware_m17_r3_firmware AND versionEndExcluding=1.14.0
OR
vendor=dell AND product=alienware_m17_r3 AND version=-
AND
OR
vendor=dell AND product=alienware_m17_r4_firmware AND versionEndExcluding=1.8.0
OR
vendor=dell AND product=alienware_m17_r4 AND version=-
AND
OR
vendor=dell AND product=alienware_x15_r1_firmware AND versionEndExcluding=1.7.0
OR
vendor=dell AND product=alienware_x15_r1 AND version=-
AND
OR
vendor=dell AND product=alienware_x17_r1_firmware AND versionEndExcluding=1.7.0
OR
vendor=dell AND product=alienware_x17_r1 AND version=-
AND
OR
vendor=dell AND product=edge_gateway_3000_firmware AND versionEndExcluding=1.7.0
OR
vendor=dell AND product=edge_gateway_3000 AND version=-
AND
OR
vendor=dell AND product=edge_gateway_5000_firmware AND versionEndExcluding=1.17.0
OR
vendor=dell AND product=edge_gateway_5000 AND version=-
AND
OR
vendor=dell AND product=edge_gateway_5100_firmware AND versionEndExcluding=1.17.0
OR
vendor=dell AND product=edge_gateway_5100 AND version=-
AND
OR
vendor=dell AND product=embedded_box_pc_3000_firmware AND versionEndExcluding=1.13.0
OR
vendor=dell AND product=embedded_box_pc_3000 AND version=-
AND
OR
vendor=dell AND product=embedded_box_pc_5000_firmware AND versionEndExcluding=1.14.0
OR
vendor=dell AND product=embedded_box_pc_5000 AND version=-
AND
OR
vendor=dell AND product=inspiron_14_3473_firmware AND versionEndExcluding=1.14.0
OR
vendor=dell AND product=inspiron_14_3473 AND version=-
AND
OR
vendor=dell AND product=inspiron_15_3573_firmware AND versionEndExcluding=1.14.0
OR
vendor=dell AND product=inspiron_15_3573 AND version=-
AND
OR
vendor=dell AND product=inspiron_15_5566_firmware AND versionEndExcluding=1.18.0
OR
vendor=dell AND product=inspiron_15_5566 AND version=-
AND
OR
vendor=dell AND product=inspiron_3277_firmware AND versionEndExcluding=1.19.0
OR
vendor=dell AND product=inspiron_3277 AND version=-
AND
OR
vendor=dell AND product=inspiron_3465_firmware AND versionEndExcluding=1.12.0
OR
vendor=dell AND product=inspiron_3465 AND version=-
AND
OR
vendor=dell AND product=inspiron_3477_firmware AND versionEndExcluding=1.19.0
OR
vendor=dell AND product=inspiron_3477 AND version=-
AND
OR
vendor=dell AND product=inspiron_3482_firmware AND versionEndExcluding=1.13.0
OR
vendor=dell AND product=inspiron_3482 AND version=-
AND
OR
vendor=dell AND product=inspiron_3502_firmware AND versionEndExcluding=1.7.0
OR
vendor=dell AND product=inspiron_3502 AND version=-
AND
OR
vendor=dell AND product=inspiron_3510_firmware AND versionEndExcluding=1.6.0
OR
vendor=dell AND product=inspiron_3510 AND version=-
AND
OR
vendor=dell AND product=inspiron_3565_firmware AND versionEndExcluding=1.12.0
OR
vendor=dell AND product=inspiron_3565 AND version=-
AND
OR
vendor=dell AND product=inspiron_3582_firmware AND versionEndExcluding=1.13.0
OR
vendor=dell AND product=inspiron_3582 AND version=-
AND
OR
vendor=dell AND product=inspiron_3782_firmware AND versionEndExcluding=1.13.0
OR
vendor=dell AND product=inspiron_3782 AND version=-
AND
OR
vendor=dell AND product=latitude_3379_firmware AND versionEndExcluding=1.0.34
OR
vendor=dell AND product=latitude_3379 AND version=-
AND
OR
vendor=dell AND product=vostro_14_5468_firmware AND versionEndExcluding=1.19.0
OR
vendor=dell AND product=vostro_14_5468 AND version=-
AND
OR
vendor=dell AND product=vostro_15_5568_firmware AND versionEndExcluding=1.19.0
OR
vendor=dell AND product=vostro_15_5568 AND version=-
AND
OR
vendor=dell AND product=vostro_3267_firmware AND versionEndExcluding=1.20.0
OR
vendor=dell AND product=vostro_3267 AND version=-
AND
OR
vendor=dell AND product=vostro_3268_firmware AND versionEndExcluding=1.20.0
OR
vendor=dell AND product=vostro_3268 AND version=-
AND
OR
vendor=dell AND product=vostro_3572_firmware AND versionEndExcluding=1.14.0
OR
vendor=dell AND product=vostro_3572 AND version=-
AND
OR
vendor=dell AND product=vostro_3582_firmware AND versionEndExcluding=1.13.0
OR
vendor=dell AND product=vostro_3582 AND version=-
AND
OR
vendor=dell AND product=vostro_3660_firmware AND versionEndExcluding=1.20.0
OR
vendor=dell AND product=vostro_3660 AND version=-
AND
OR
vendor=dell AND product=vostro_3667_firmware AND versionEndExcluding=1.20.0
OR
vendor=dell AND product=vostro_3667 AND version=-
AND
OR
vendor=dell AND product=vostro_3668_firmware AND versionEndExcluding=1.20.0
OR
vendor=dell AND product=vostro_3668 AND version=-
AND
OR
vendor=dell AND product=vostro_3669_firmware AND versionEndExcluding=1.20.0
OR
vendor=dell AND product=vostro_3669 AND version=-
AND
OR
vendor=dell AND product=wyse_7040_thin_client_firmware AND versionEndExcluding=1.15.0
OR
vendor=dell AND product=wyse_7040_thin_client AND version=-
AND
OR
vendor=dell AND product=xps_8930_firmware AND versionEndExcluding=1.1.21
OR
vendor=dell AND product=xps_8930 AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2022-24421

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.