NVD:CVE-2022-22558
Apr 21, 2022 - 9:15 p.m.

CVE-2022-22558

2022-04-21 21:15:07
CWE-119
web.nvd.nist.gov
Tags: dell poweredge, precision workstation, bios, smm communication, vulnerability, arbitrary writes, denial of service

CVSS2: 3.6

Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P

CVSS3: 6

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

EPSS: 0
Percentile: 12.6%

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of service.

Affected configurations

Nvd

Node: dell r6415_firmware Range <1.18.0 AND dell r6415 Match -
Node: dell r7415_firmware Range <1.18.0 AND dell r7415 Match -
Node: dell r7425_firmware Range <1.18.0 AND dell r7425 Match -
Node: dell r730_firmware Range <2.14.0 AND dell r730 Match -
Node: dell r730xd_firmware Range <2.14.0 AND dell r730xd Match -
Node: dell r630_firmware Range <2.14.0 AND dell r630 Match -
Node: dell c4130_firmware Range <2.14.0 AND dell c4130 Match -
Node: dell m630_firmware Range <2.14.0 AND dell m630 Match -
Node: dell m630p_firmware Range <2.14.0 AND dell m630p Match -
Node: dell fc630_firmware Range <2.14.0 AND dell fc630 Match -
Node: dell fc430_firmware Range <2.14.0 AND dell fc430 Match -
Node: dell m830_firmware Range <2.14.0 AND dell m830 Match -
Node: dell m830p_firmware Range <2.14.0 AND dell m830p Match -
Node: dell fc830_firmware Range <2.14.0 AND dell fc830 Match -
Node: dell t630_firmware Range <2.14.0 AND dell t630 Match -
Node: dell r530_firmware Range <2.14.0 AND dell r530 Match -
Node: dell r430_firmware Range <2.14.0 AND dell r430 Match -
Node: dell t430_firmware Range <2.14.0 AND dell t430 Match -
Node: dell r830_firmware Range <1.14.0 AND dell r830 Match -
Node: dell c6320_firmware Range <2.14.1 AND dell c6320 Match -

Vendor | Product | Version | CPE
dell | r6415_firmware | * | cpe:2.3:o:dell:r6415_firmware:*:*:*:*:*:*:*:*
dell | r6415 | - | cpe:2.3:h:dell:r6415:-:*:*:*:*:*:*:*
dell | r7415_firmware | * | cpe:2.3:o:dell:r7415_firmware:*:*:*:*:*:*:*:*
dell | r7415 | - | cpe:2.3:h:dell:r7415:-:*:*:*:*:*:*:*
dell | r7425_firmware | * | cpe:2.3:o:dell:r7425_firmware:*:*:*:*:*:*:*:*
dell | r7425 | - | cpe:2.3:h:dell:r7425:-:*:*:*:*:*:*:*
dell | r730_firmware | * | cpe:2.3:o:dell:r730_firmware:*:*:*:*:*:*:*:*
dell | r730 | - | cpe:2.3:h:dell:r730:-:*:*:*:*:*:*:*
dell | r730xd_firmware | * | cpe:2.3:o:dell:r730xd_firmware:*:*:*:*:*:*:*:*
dell | r730xd | - | cpe:2.3:h:dell:r730xd:-:*:*:*:*:*:*:*