Lucene search

DellCVELIST:CVE-2022-31220

HistorySep 12, 2022 - 6:35 p.m.

CVE-2022-31220

2022-09-1218:35:17

CWE-1038

dell

www.cve.org

dell bios

unchecked return value

vulnerability

administrator user

system failure

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures.

CNA Affected

[
  {
    "product": "CPG BIOS",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "21Q4 platforms",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/000202196

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-31220