Lucene search
HistoryOct 12, 2022 - 8:15 p.m.
CVE-2022-34391
dell
bios
cve-2022-34391
vulnerability
input validation
smram
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
Affected configurations
Node
dellalienware_area-51_r5_firmwareRange<2.0.6
dellalienware_area-51_r5Match-
Node
dellalienware_area-51_r4_firmwareRange<2.0.6
dellalienware_area-51_r4Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| dell:alienware_area-51_r5_firmware | dell alienware area-51 r5 firmware | lt | 2.0.6 |
CNA Affected
[
{
"vendor": "Dell",
"product": "CPG BIOS",
"versions": [
{
"version": "unspecified",
"lessThan": "1.2.15",
"status": "affected",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
prion
prion
Input validation
2022-10-12 20:15:00
cnvd
cnvd
Dell BIOS Buffer Overflow Vulnerability
2022-10-14 00:00:00
nvd
nvd
CVE-2022-34391
2022-10-12 20:15:11
cvelist
cvelist
CVE-2022-34391
2022-09-30 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2022-34391