Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Dell
  • Dell G5 5505
  • Dell G5 5505 Firmware
  • Inspiron 22-3275
  • Inspiron 22-3275 Firmware
  • Inspiron 24-3475
  • Inspiron 24-3475 Firmware
  • Inspiron 27 7775
  • Inspiron 27 7775 Firmware
  • Inspiron 3180
  • Inspiron 3180 Firmware
  • Inspiron 3185
  • Inspiron 3185 Firmware
  • Inspiron 3195
  • Inspiron 3195 Firmware
  • Inspiron 3505
  • Inspiron 3505 Firmware
  • Inspiron 3515
  • Inspiron 3515 Firmware
  • Inspiron 3585
  • Inspiron 3585 Firmware
  • Inspiron 3595
  • Inspiron 3595 Firmware
  • Inspiron 3785
  • Inspiron 3785 Firmware
  • Inspiron 5405
  • Inspiron 5405 Firmware
  • Inspiron 5415
  • Inspiron 5415 Firmware
  • Inspiron 5485
  • Inspiron 5485 Firmware
  • Inspiron 5505
  • Inspiron 5505 Firmware
  • Inspiron 5515
  • Inspiron 5515 Firmware
  • Inspiron 5575
  • Inspiron 5575 Firmware
  • Inspiron 5585
  • Inspiron 5585 Firmware
  • Inspiron 5675
  • Inspiron 5675 Firmware
  • Inspiron 5775
  • Inspiron 5775 Firmware
  • Inspiron 7375
  • Inspiron 7375 Firmware
  • Inspiron 7405
  • Inspiron 7405 Firmware
  • Inspiron 7415
  • Inspiron 7415 Firmware
  • Vostro 3405
  • Vostro 3405 Firmware
  • Vostro 3515
  • Vostro 3515 Firmware
  • Vostro 5415
  • Vostro 5415 Firmware
  • Vostro 5515
  • Vostro 5515 Firmware

Configuration 1 [-]

AND
cpe:2.3:o:dell:dell_g5_5505_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:dell_g5_5505:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:dell:inspiron_22-3275_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_22-3275:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:dell:inspiron_24-3475_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_24-3475:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:dell:inspiron_27_7775_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_27_7775:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:dell:inspiron_3180_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3180:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:dell:inspiron_3185_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3185:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:dell:inspiron_3195_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3195:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:dell:inspiron_3505_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3505:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:dell:inspiron_3515_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3515:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:dell:inspiron_3585_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3585:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:dell:inspiron_3595_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3595:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:dell:inspiron_3785_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3785:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:dell:inspiron_5405_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5405:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:dell:inspiron_5415_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5415:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:dell:inspiron_5485_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5485:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:dell:inspiron_5505_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5505:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:dell:inspiron_5515_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5515:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:dell:inspiron_5575_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5575:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:dell:inspiron_5585_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5585:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:dell:inspiron_5675_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5675:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:dell:inspiron_5775_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5775:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:dell:inspiron_7375_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7375:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:dell:inspiron_7405_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7405:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:dell:inspiron_7415_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7415:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:dell:vostro_3405_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_3405:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:dell:vostro_3515_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_3515:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:dell:vostro_5415_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_5415:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:dell:vostro_5515_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_5515:-:*:*:*:*:*:*:*

No data.

References
Link Providers
https://www.dell.com/support/kbdoc/en-us/000199285/dsa-2022-095 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2022-05-26T15:20:19.382956Z

Updated: 2024-09-16T20:27:17.052Z

Reserved: 2022-02-04T00:00:00

Link: CVE-2022-24417

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-05-26T16:15:07.987

Modified: 2022-06-07T17:03:35.390

Link: CVE-2022-24417

cve-icon Redhat

No data.