Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-31226
HistorySep 12, 2022 - 7:15 p.m.

CVE-2022-31226

2022-09-1219:15:09
CWE-121
CWE-787
[email protected]
web.nvd.nist.gov
31
6
dell
bios
stack-based
buffer overflow
vulnerability
nvd
cve-2022-31226

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

10.5%

JSON

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.

Affected configurations

NVD
Node
dellchengming_3900_firmwareRange<1.1.66
AND
dellchengming_3900Match-
Node
dellinspiron_14_plus_7420_firmwareRange<1.2.0
AND
dellinspiron_14_plus_7420Match-
Node
dellinspiron_16_plus_7620_firmwareRange<1.2.0
AND
dellinspiron_16_plus_7620Match-
Node
dellinspiron_3910_firmwareRange<1.1.66
AND
dellinspiron_3910Match-
Node
dellinspiron_5320_firmwareRange<1.1.0
AND
dellinspiron_5320Match-
Node
dellinspiron_5420_firmwareRange<1.4.1
AND
dellinspiron_5420Match-
Node
dellinspiron_5620_firmwareRange<1.4.1
AND
dellinspiron_5620Match-
Node
dellinspiron_7420_firmwareRange<1.3.0
AND
dellinspiron_7420Match-
Node
dellinspiron_7620_firmwareRange<1.3.0
AND
dellinspiron_7620Match-
Node
delloptiplex_3000_firmwareRange<1.1.66
AND
delloptiplex_3000Match-
Node
delloptiplex_3000_thin_client_firmwareRange<1.0.7
AND
delloptiplex_3000_thin_clientMatch-
Node
delloptiplex_5000_firmwareRange<1.3.62
AND
delloptiplex_5000Match-
Node
delloptiplex_5400_firmwareRange<1.0.13
AND
delloptiplex_5400Match-
Node
delloptiplex_7000_firmwareRange<1.3.62
AND
delloptiplex_7000Match-
Node
delloptiplex_7000_oem_firmwareRange<1.3.62
AND
delloptiplex_7000_oemMatch-
Node
delloptiplex_7400_firmwareRange<1.0.13
AND
delloptiplex_7400Match-
Node
dellprecision_3460_small_form_factor_firmwareRange<1.3.62
AND
dellprecision_3460_small_form_factorMatch-
Node
dellprecision_3660_tower_firmwareRange<1.3.71
AND
dellprecision_3660_towerMatch-
Node
dellprecision_5770_firmwareRange<1.6.0
AND
dellprecision_5770Match-
Node
dellvostro_3710_firmwareRange<1.1.66
AND
dellvostro_3710Match-
Node
dellvostro_3910_firmwareRange<1.1.66
AND
dellvostro_3910Match-
Node
dellvostro_5320_firmwareRange<1.1.0
AND
dellvostro_5320Match-
Node
dellvostro_5620_firmwareRange<1.4.1
AND
dellvostro_5620Match-
Node
dellvostro_7620_firmwareRange<1.2.0
AND
dellvostro_7620Match-
Node
dellxps_17_9720_firmwareRange<1.6.0
AND
dellxps_17_9720Match-

CNA Affected

[
  {
    "product": "CPG BIOS",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "21Q4 platforms",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Social References

More

Related

prion 1
cvelist 1
cnvd 1
nvd 1
prion
prion
Stack overflow
2022-09-12 19:15:00
cvelist
cvelist
CVE-2022-31226
2022-08-05 00:00:00
cnvd
cnvd
Dell BIOS Buffer Overflow Vulnerability (CNVD-2023-08766)
2022-09-15 00:00:00
nvd
nvd
CVE-2022-31226
2022-09-12 19:15:09

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

10.5%

JSON
Related for CVE-2022-31226
prion1cvelist1cnvd1nvd1