Lucene search

[email protected]CVE-2022-29083

HistoryAug 09, 2022 - 9:15 p.m.

CVE-2022-29083

2022-08-0921:15:07

CWE-287

[email protected]

web.nvd.nist.gov

dell

bios

cve-2022-29083

improper authentication

vulnerability

nvd

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.9%

JSON

Prior Dell BIOS versions contain an Improper Authentication vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability by bypassing drive security mechanisms in order to gain access to the system.

Affected configurations

NVD

Node

dellchengming_3980Match-

AND

dellchengming_3980_firmwareRange<2.23.0

Node

dellchengming_3990Match-

AND

dellchengming_3990_firmwareRange<1.11.0

Node

dellchengming_3991Match-

AND

dellchengming_3991_firmwareRange<1.11.0

Node

dellg3_3579Match-

AND

dellg3_3579_firmwareRange<1.21.0

Node

dellg3_3779Match-

AND

dellg3_3779_firmwareRange<1.21.0

Node

dellg5_5587Match-

AND

dellg5_5587_firmwareRange<1.21.0

Node

dellg5_5000Match-

AND

dellg5_5000_firmwareRange<1.7.0

Node

dellg5_5090Match-

AND

dellg5_5090_firmwareRange<1.14.0

Node

dellg7_7588_firmwareRange<1.21.0

AND

dellg7_7588Match-

Node

dellinspiron_3470_firmwareRange<2.23.0

AND

dellinspiron_3470Match-

Node

dellinspiron_3480_firmwareRange<1.19.0

AND

dellinspiron_3480Match-

Node

dellinspiron_3493_firmwareRange<1.19.0

AND

dellinspiron_3493Match-

Node

dellinspiron_3501_firmwareRange<1.11.0

AND

dellinspiron_3501Match-

Node

dellinspiron_3580_firmwareRange<1.19.0

AND

dellinspiron_3580Match-

Node

dellinspiron_3593_firmwareRange<1.19.0

AND

dellinspiron_3593Match-

Node

dellinspiron_3670_firmwareRange<2.23.0

AND

dellinspiron_3670Match-

Node

dellinspiron_3780_firmwareRange<1.19.0

AND

dellinspiron_3780Match-

Node

dellinspiron_3790_firmwareRange<1.16.0

AND

dellinspiron_3790Match-

Node

dellinspiron_3793_firmwareRange<1.19.0

AND

dellinspiron_3793Match-

Node

dellinspiron_3880_firmwareRange<1.11.0

AND

dellinspiron_3880Match-

Node

dellinspiron_3881_firmwareRange<1.11.0

AND

dellinspiron_3881Match-

Node

dellinspiron_5310_firmwareRange<2.6.1

AND

dellinspiron_5310Match-

Node

dellinspiron_5410_firmwareRange<2.6.1

AND

dellinspiron_5410Match-

Node

dellinspiron_5493_firmwareRange<1.19.0

AND

dellinspiron_5493Match-

Node

dellinspiron_5494_firmwareRange<1.16.0

AND

dellinspiron_5494Match-

Node

dellinspiron_5510_firmwareRange<2.6.1

AND

dellinspiron_5510Match-

Node

dellinspiron_5593Match-

AND

dellinspiron_5593_firmwareRange<1.19.0

Node

dellinspiron_5594_firmwareRange<1.16.0

AND

dellinspiron_5594Match-

Node

dellinspiron_7490_firmwareRange<1.11.0

AND

dellinspiron_7490Match-

Node

dellinspiron_7510_firmwareRange<1.4.0

AND

dellinspiron_7510Match-

Node

dellinspiron_7610_firmwareRange<1.4.0

AND

dellinspiron_7610Match-

Node

delllatitude_3120_firmwareRange<1.9.2

AND

delllatitude_3120Match-

Node

delllatitude_3190_firmwareRange<1.21.1

AND

delllatitude_3190Match-

Node

delllatitude_3320_firmwareRange<1.8.2

AND

delllatitude_3320Match-

Node

delllatitude_5310_firmwareRange<1.9.1

AND

delllatitude_5310Match-

Node

delllatitude_5410_firmwareRange<1.8.1

AND

delllatitude_5410Match-

Node

delllatitude_5411_firmwareRange<1.8.1

AND

delllatitude_5411Match-

Node

delllatitude_5491_firmwareRange<1.21.1

AND

delllatitude_5491Match-

Node

delllatitude_5510_firmwareRange<1.8.1

AND

delllatitude_5510Match-

Node

delllatitude_5511_firmwareRange<1.8.1

AND

delllatitude_5511Match-

Node

delllatitude_5591_firmwareRange<1.21.1

AND

delllatitude_5591Match-

Node

delllatitude_7210_firmwareRange<1.9.1

AND

delllatitude_7210Match-

Node

delllatitude_7310_firmwareRange<1.9.1

AND

delllatitude_7310Match-

Node

delllatitude_7410_firmwareRange<1.9.1

AND

delllatitude_7410Match-

Node

delllatitude_9410_firmwareRange<1.9.1

AND

delllatitude_9410Match-

Node

delllatitude_9510_firmwareRange<1.8.1

AND

delllatitude_9510Match-

Node

delloptiplex_3060_firmwareRange<1.20.0

AND

delloptiplex_3060Match-

Node

delloptiplex_3070_firmwareRange<1.15.0

AND

delloptiplex_3070Match-

Node

delloptiplex_3080_firmwareRange<2.11.0

AND

delloptiplex_3080Match-

Node

delloptiplex_3090_firmwareRange<2.4.0

AND

delloptiplex_3090Match-

Node

delloptiplex_5060_firmwareRange<1.20.0

AND

delloptiplex_5060Match-

Node

delloptiplex_5070_firmwareRange<1.15.0

AND

delloptiplex_5070Match-

Node

delloptiplex_5080Match-

AND

delloptiplex_5080_firmwareRange<1.11.0

Node

delloptiplex_5260Match-

AND

delloptiplex_5260_firmwareRange<1.20.1

Node

delloptiplex_5270Match-

AND

delloptiplex_5270_firmwareRange<1.15.1

Node

delloptiplex_7060Match-

AND

delloptiplex_7060_firmwareRange<1.20.0

Node

delloptiplex_7070Match-

AND

delloptiplex_7070_firmwareRange<1.15.0

Node

delloptiplex_7070_ultraMatch-

AND

delloptiplex_7070_ultra_firmwareRange<1.13.2

Node

delloptiplex_7071Match-

AND

delloptiplex_7071_firmwareRange<1.14.1

Node

delloptiplex_7080Match-

AND

delloptiplex_7080_firmwareRange<1.11.0

Node

delloptiplex_7460_firmwareRange<1.20.1

AND

delloptiplex_7460Match-

Node

delloptiplex_7470_firmwareRange<1.15.1

AND

delloptiplex_7470Match-

Node

delloptiplex_7760_firmwareRange<1.20.1

AND

delloptiplex_7760Match-

Node

delloptiplex_7770_firmwareRange<1.15.1

AND

delloptiplex_7770Match-

Node

delloptiplex_xe3_firmwareRange<1.20.0

AND

delloptiplex_xe3Match-

Node

dellprecision_3240_compact_firmwareRange<1.12.0

AND

dellprecision_3240_compactMatch-

Node

dellprecision_3430_tower_firmwareRange<1.19.0

AND

dellprecision_3430_towerMatch-

Node

dellprecision_3431_tower_firmwareRange<1.14.0

AND

dellprecision_3431_towerMatch-

Node

dellprecision_3440Match-

AND

dellprecision_3440_firmwareRange<1.11.0

Node

dellprecision_3530Match-

AND

dellprecision_3530_firmwareRange<1.21.1

Node

dellprecision_3550Match-

AND

dellprecision_3550_firmwareRange<1.8.1

Node

dellprecision_3551Match-

AND

dellprecision_3551_firmwareRange<1.8.1

Node

dellprecision_3630_towerMatch-

AND

dellprecision_3630_tower_firmwareRange<2.14.1

Node

dellprecision_3640_towerMatch-

AND

dellprecision_3640_tower_firmwareRange<1.15.0

Node

dellprecision_3650_towerMatch-

AND

dellprecision_3650_tower_firmwareRange<1.7.0

Node

dellprecision_3930_rackMatch-

AND

dellprecision_3930_rack_firmwareRange<2.19.2

Node

dellprecision_7530Match-

AND

dellprecision_7530_firmwareRange<1.22.1

Node

dellprecision_7540Match-

AND

dellprecision_7540_firmwareRange<1.20.2

Node

dellprecision_7550Match-

AND

dellprecision_7550_firmwareRange<1.10.1

Node

dellprecision_7730Match-

AND

dellprecision_7730_firmwareRange<1.22.1

Node

dellprecision_7740_firmwareRange<1.20.2

AND

dellprecision_7740Match-

Node

dellprecision_7750_firmwareRange<1.10.1

AND

dellprecision_7750Match-

Node

dellvostro_15_7580_firmwareRange<1.21.0

AND

dellvostro_15_7580Match-

Node

dellvostro_3070_firmwareRange<2.23.0

AND

dellvostro_3070Match-

Node

dellvostro_3401_firmwareRange<1.11.0

AND

dellvostro_3401Match-

Node

dellvostro_3470_firmwareRange<2.23.0

AND

dellvostro_3470Match-

Node

dellvostro_3480_firmwareRange<1.19.0

AND

dellvostro_3480Match-

Node

dellvostro_3490_firmwareRange<1.16.0

AND

dellvostro_3490Match-

Node

dellvostro_3501_firmwareRange<1.11.0

AND

dellvostro_3501Match-

Node

dellvostro_3580_firmwareRange<1.19.0

AND

dellvostro_3580Match-

Node

dellvostro_3583_firmwareRange<1.19.0

AND

dellvostro_3583Match-

Node

dellvostro_3590_firmwareRange<1.16.0

AND

dellvostro_3590Match-

Node

dellvostro_3670_firmwareRange<2.23.0

AND

dellvostro_3670Match-

Node

dellvostro_3681_firmwareRange<2.11.0

AND

dellvostro_3681Match-

Node

dellvostro_3881_firmwareRange<2.11.0

AND

dellvostro_3881Match-

Node

dellvostro_3888_firmwareRange<2.11.0

AND

dellvostro_3888Match-

Node

dellvostro_5090_firmwareRange<1.14.0

AND

dellvostro_5090Match-

Node

dellvostro_5310_firmwareRange<2.6.1

AND

dellvostro_5310Match-

Node

dellvostro_5410_firmwareRange<2.6.1

AND

dellvostro_5410Match-

Node

dellvostro_5491_firmwareRange<1.19.0

AND

dellvostro_5491Match-

Node

dellvostro_5510_firmwareRange<2.6.1

AND

dellvostro_5510Match-

Node

dellvostro_5591_firmwareRange<1.19.0

AND

dellvostro_5591Match-

Node

dellvostro_5880_firmwareRange<1.11.0

AND

dellvostro_5880Match-

Node

dellvostro_7510_firmwareRange<1.4.0

AND

dellvostro_7510Match-

Node

dellwyse_5070_firmwareRange<1.17.0

AND

dellwyse_5070Match-

Node

dellwyse_5470_firmwareRange<1.14.0

AND

dellwyse_5470Match-

Node

dellwyse_5470_all-in-one_firmwareRange<1.15.0

AND

dellwyse_5470_all-in-oneMatch-

Node

dellxps_8940_firmwareRange<2.6.0

AND

dellxps_8940Match-

CPENameOperatorVersion
dell:chengming_3980_firmwaredell chengming 3980 firmwarelt2.23.0

CPE	Name	Operator	Version
dell:chengming_3980_firmware	dell chengming 3980 firmware	lt	2.23.0

CNA Affected

[
  {
    "product": "CPG BIOS",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "9-12",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/000201396

Social References

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.9%

JSON

Related for CVE-2022-29083

prion1 nvd1 cvelist1