CVE-2022-22558 - OpenCVE

Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of service.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Dell	C4130 Firmware M630p Firmware M830 R830 T430 R830 Firmware R430 Firmware Fc430 Firmware R430 R6415 Firmware Fc830 Firmware R7415 R6415 M830p Firmware M830p T430 Firmware T630 Firmware C6320 Firmware R7425 Firmware M630 R730xd R7425 C6320 R730 Firmware Fc430 M630p Fc630 C4130 R630 Firmware Fc630 Firmware R530 Fc830 R730xd Firmware T630 R530 Firmware M830 Firmware M630 Firmware R630 R730 R7415 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:dell:r6415_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:r6415:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:dell:r7415_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:r7415:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:dell:r7425_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:r7425:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:dell:r730_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:r730:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:dell:r730xd_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:r730xd:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:dell:r630_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:r630:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:dell:c4130_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:c4130:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:dell:m630_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:m630:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:dell:m630p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:m630p:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:dell:fc630_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:fc630:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:dell:fc430_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:fc430:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:dell:m830_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:m830:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:dell:m830p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:m830p:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:dell:fc830_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:fc830:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:dell:t630_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:t630:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:dell:r530_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:r530:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:dell:r430_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:r430:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:dell:t430_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:t430:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:dell:r830_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:r830:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:dell:c6320_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:c6320:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.dell.com/support/kbdoc/000197971	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: dell

Published: 2022-08-04T00:00:00

Updated: 2022-09-01T18:45:16

Reserved: 2022-01-04T00:00:00

Link: CVE-2022-22558

JSON object: View

NVD Information

Status : Modified

Published: 2022-04-21T21:15:07.747

Modified: 2022-09-01T19:15:12.100

Link: CVE-2022-22558

JSON object: View

Redhat Information

No data.

CWE

CWE-119