Lucene search
DellCVELIST:CVE-2022-32487HistoryOct 12, 2022 - 7:25 p.m.
CVE-2022-32487
2022-10-1219:25:37
CWE-20
dell
www.cve.org
4
dell bios
input validation
vulnerability
smi
arbitrary code execution
smram
CVSS3
7.5
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CNA Affected
[
{
"vendor": "Dell",
"product": "CPG BIOS",
"versions": [
{
"version": "unspecified",
"lessThan": "2.3",
"status": "affected",
"versionType": "custom"
}
]
}
]References
Related
nvd
nvd
CVE-2022-32487
2022-10-12 20:15:10
cnvd
cnvd
Dell BIOS Input Validation Error Vulnerability (CNVD-2023-08762)
2022-10-14 00:00:00
prion
prion
Input validation
2022-10-12 20:15:00
cve
cve
CVE-2022-32487
2022-10-12 20:15:10
CVSS3
7.5
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for CVELIST:CVE-2022-32487