Lucene search
DellCVELIST:CVE-2022-24420HistoryMar 11, 2022 - 9:45 p.m.
CVE-2022-24420
2022-03-1121:45:19
CWE-119
dell
www.cve.org
7
dell
bios
vulnerability
input validation
smi
arbitrary code execution
smm
CVSS3
8.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.
CNA Affected
[
{
"product": "CPG BIOS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
Dell BIOS Input Validation Vulnerability
2022-03-14 00:00:00
prion
prion
Input validation
2022-03-11 22:15:00
cve
cve
CVE-2022-24420
2022-03-11 22:15:13
nvd
nvd
CVE-2022-24420
2022-03-11 22:15:13
thn
thn
CVSS3
8.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for CVELIST:CVE-2022-24420