
CVE-2022-34400

2023-02-01 05:15:12
CWE-787, CWE-122
Source: web.nvd.nist.gov
Tags: dell, bios, heap buffer overflow, vulnerability, local attacker, admin privileges, exploit, smram, smm, cve-2022-34400

CVSS3: 7.1 High

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

AI Score: 7 High (Confidence: High)

EPSS: 0.0004 Low (Percentile: 5.1%)

Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.

Affected configurations

NVD
| Vendor | Firmware product | Range | AND hardware product | Match |
|---|---|---|---|---|
| dell | alienware_m15_r6_firmware | <1.17.0 | alienware_m15_r6 | - |
| dell | alienware_m15_r7_firmware | <1.4.3 | alienware_m15_r7 | - |
| dell | alienware_m15_ryzen_edition_r5_firmware | <1.8.0 | alienware_m15_ryzen_edition_r5 | - |
| dell | alienware_m17_r5_amd_firmware | <1.4.3 | alienware_m17_r5_amd | - |
| dell | g15_5510_firmware | <1.16.0 | g15_5510 | - |
| dell | g15_5511_firmware | <1.18.0 | g15_5511 | - |
| dell | g15_5515_firmware | <1.8.0 | g15_5515 | - |
| dell | g15_5525_firmware | <1.4.3 | g15_5525 | - |
| dell | g5_se_5505_firmware | <1.13.0 | g5_se_5505 | - |
| dell | inspiron_14_5410_2-in-1_firmware | <2.15.2 | inspiron_14_5410_2-in-1 | - |
| dell | inspiron_15_3511_firmware | <1.18.2 | inspiron_15_3511 | - |
| dell | inspiron_3195_2-in-1_firmware | <1.6.0 | inspiron_3195_2-in-1 | - |
| dell | inspiron_3275_firmware | <1.9.2 | inspiron_3275 | - |
| dell | inspiron_3475_firmware | <1.9.2 | inspiron_3475 | - |
| dell | inspiron_3505_firmware | <1.9.0 | inspiron_3505 | - |
| dell | inspiron_3515_firmware | <1.9.0 | inspiron_3515 | - |
| dell | inspiron_3525_firmware | <1.5.0 | inspiron_3525 | - |
| dell | inspiron_3585_firmware | <1.10.0 | inspiron_3585 | - |
| dell | inspiron_3595_firmware | <1.5.0 | inspiron_3595 | - |
| dell | inspiron_3785_firmware | <1.10.0 | inspiron_3785 | - |
| dell | inspiron_3891_firmware | <1.12.0 | inspiron_3891 | - |
| dell | inspiron_5310_firmware | <2.15.0 | inspiron_5310 | - |
| dell | inspiron_5405_firmware | <1.9.0 | inspiron_5405 | - |
| dell | inspiron_5410_firmware | <2.14.0 | inspiron_5410 | - |
| dell | inspiron_5415_firmware | <1.13.0 | inspiron_5415 | - |
| dell | inspiron_5425_firmware | <1.5.0 | inspiron_5425 | - |
| dell | inspiron_5485_firmware | <2.11.0 | inspiron_5485 | - |
| dell | inspiron_5485_2-in-1_firmware | <2.11.0 | inspiron_5485_2-in-1 | - |
| dell | inspiron_5505_firmware | <1.9.0 | inspiron_5505 | - |
| dell | inspiron_5510_firmware | <2.15.2 | inspiron_5510 | - |
| dell | inspiron_5515_firmware | <1.13.0 | inspiron_5515 | - |
| dell | inspiron_5585_firmware | <2.11.0 | inspiron_5585 | - |
| dell | inspiron_7405_2-in-1_firmware | <1.10.1 | inspiron_7405_2-in-1 | - |
| dell | inspiron_7415_firmware | <1.13.0 | inspiron_7415 | - |
| dell | inspiron_7425_firmware | <1.5.0 | inspiron_7425 | - |
| dell | inspiron_7510_firmware | <1.12.0 | inspiron_7510 | - |
| dell | inspiron_7610_firmware | <1.12.0 | inspiron_7610 | - |
| dell | latitude_3320_firmware | <1.18.2 | latitude_3320 | - |
| dell | latitude_3420_firmware | <1.23.2 | latitude_3420 | - |
| dell | latitude_3520_firmware | <1.23.2 | latitude_3520 | - |
| dell | latitude_5320_firmware | <1.24.3 | latitude_5320 | - |
| dell | latitude_5420_firmware | <1.22.0 | latitude_5420 | - |
| dell | latitude_5520_firmware | <1.24.3 | latitude_5520 | - |
| dell | latitude_5521_firmware | <1.17.3 | latitude_5521 | - |
| dell | latitude_7320_firmware | <1.20.0 | latitude_7320 | - |
| dell | latitude_7320_detachable_firmware | <1.17.2 | latitude_7320_detachable | - |
| dell | latitude_7420_firmware | <1.20.0 | latitude_7420 | - |
| dell | latitude_7520_firmware | <1.20.0 | latitude_7520 | - |
| dell | latitude_9420_firmware | <1.16.2 | latitude_9420 | - |
| dell | latitude_9520_firmware | <1.17.0 | latitude_9520 | - |
| dell | latitude_rugged_5430_firmware | <1.12.0 | latitude_rugged_5430 | - |
| dell | latitude_rugged_7330_firmware | <1.12.0 | latitude_rugged_7330 | - |
| dell | latitude_5421_firmware | <1.15.0 | latitude_5421 | - |
| dell | optiplex_5090_firmware | <1.12.0 | optiplex_5090 | - |
| dell | optiplex_5490_all-in-one_firmware | <1.15.0 | optiplex_5490_all-in-one | - |
| dell | optiplex_7090_tower_firmware | <1.12.0 | optiplex_7090_tower | - |
| dell | optiplex_7090_ultra_firmware | <1.15.0 | optiplex_7090_ultra | - |
| dell | optiplex_7090_aio_firmware | <1.15.0 | optiplex_7090_aio | - |
| dell | precision_3450_firmware | <1.12.0 | precision_3450 | - |
| dell | precision_3560_firmware | <1.24.3 | precision_3560 | - |
| dell | precision_3561_firmware | <1.17.3 | precision_3561 | - |
| dell | precision_3650_tower_firmware | <1.16.0 | precision_3650_tower | - |
| dell | precision_5560_firmware | <1.15.2 | precision_5560 | - |
| dell | precision_5760_firmware | <1.15.2 | precision_5760 | - |
| dell | precision_7560_firmware | <1.16.0 | precision_7560 | - |
| dell | precision_7760_firmware | <1.16.0 | precision_7760 | - |
| dell | vostro_3405_firmware | <1.9.0 | vostro_3405 | - |
| dell | vostro_3425_firmware | <1.5.0 | vostro_3425 | - |
| dell | vostro_3510_firmware | <1.18.2 | vostro_3510 | - |
| dell | vostro_3515_firmware | <1.9.0 | vostro_3515 | - |
| dell | vostro_3525_firmware | <1.5.0 | vostro_3525 | - |
| dell | vostro_3690_firmware | <1.12.0 | vostro_3690 | - |
| dell | vostro_3890_firmware | <1.12.0 | vostro_3890 | - |
| dell | vostro_5310_firmware | <2.15.0 | vostro_5310 | - |
| dell | vostro_5410_firmware | <2.15.2 | vostro_5410 | - |
| dell | vostro_5415_firmware | <1.13.0 | vostro_5415 | - |
| dell | vostro_5510_firmware | <2.15.2 | vostro_5510 | - |
| dell | vostro_5515_firmware | <1.13.0 | vostro_5515 | - |
| dell | vostro_5625_firmware | <1.5.0 | vostro_5625 | - |
| dell | vostro_5890_firmware | <1.12.0 | vostro_5890 | - |
| dell | vostro_7510_firmware | <1.12.0 | vostro_7510 | - |
| dell | xps_15_9510_firmware | <1.15.2 | xps_15_9510 | - |
| dell | xps_17_9710_firmware | <1.15.2 | xps_17_9710 | - |

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "CPG BIOS",
    "vendor": "Dell",
    "versions": [
      {
        "lessThanOrEqual": "2.15.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]
